last executing test programs: 40.848945538s ago: executing program 2 (id=4318): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300030c00000000000000000000000200090008000000e90000000000000003000600000000000200002000000000000000000000000002000100000000000001ff0300000000030005000000000002"], 0x60}, 0x1, 0x7}, 0x0) 40.70011575s ago: executing program 2 (id=4321): r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0xfffffff7, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x1, 0x813, 0x802}, 0x8, 0x20400000, 0x0, 0x0, 0x0, 0x20000, 0x0}) 40.540555462s ago: executing program 2 (id=4324): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000980)={0xffffffffffffffff}) getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f00000009c0), &(0x7f0000000a00)=0x4) 40.330252975s ago: executing program 2 (id=4328): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x800800, &(0x7f0000000100)=ANY=[@ANYBLOB='errors=remount-ro,discard,dmask=00000000000000000000002,errors=continue,errors=remount-ro,keep_last_dots,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c0000640f51632569c476e867488d0cf29c7ce7dcece2", @ANYRESHEX=0xee01, @ANYBLOB=',errors=continue,fmask=00000000000000000000007,iocharset=iso8859-4,\x00'], 0x1, 0x152a, &(0x7f0000002900)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL/T+Z1+x/mceb6fz/5Yz6z9rP287/Ne9t6YbzoOqtageuV6RAT/ErzwRxIAxAJAPwC4BgACACgdVzru/Hx2iUn/2kHYX+vh1CtdAbuSuP9ZG/c/a+P+Z23c/6yN+5+1cf+zNu5/1sb9Zywr2zg1/7W8Zd2N7///96vzhzP8/f9fJLPE6C9Wl7i+E0DMn03h/mdt3P//WsGf2Yn7n7Vx/7Oq2CtdAPsPwO//rCDbH85w/7M27j9jWdmVvv98pTeIZO3n4Eq//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ2n/GUKAC6Nr3RdjDHGGGOMMcYY++v4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/ZP7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFY1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiSjOl/If5b/9O/oCfj75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/TL4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufOnfYEIRKACFcQEMUFsEBvkCHIEOYOcQa4gVxAJIkFcEBfkDq4P8gR5g3xB/iA+KBAUDHRgAhuIi02PBjcERYIbg6LBTUGxoHjgghJBQnBzUDK4JSgV3BqUDm4LygS3B2WDckH5oEJwR1AxuDOoFNwVVA7uDqoEVYNqQfXgnqBGcG9QM7gvqBXcH9QOHgjqBA8GdYOHgnrBw0H94JGgQfBo0DB4LGgUNA6aBE2DZn/p+t6fyPuE66a76yTdQ/fUL+teurfuo/vqfvoV3V+/qgfo13SyHqgH6df1YP2GHqLf1EP1MD1cv6VH6JF6lB6tx+ixOkWP0+P123qCfkdP1JP0ZD1Fp+qpepp+V0/XM/RM/Z6epd/Xs/UcPVfP02n6Az1fL9Dp+kO9UH+kM/QivVgv0Uv1Mr1cr9Ar9Sq9Wq/Ra/U6vV5v0Bv1Jr1Zb9Fb9Ta9XX+sd+hP9E69S+/Wn+o9+jO9V3+u9+kv9H79pc7UX+kD+mt9UH+jD+lv9WH9nT6ij+pj+nt9XP+gT+iT+pQ+rc/oH/VZ/ZM+p/35k/vzX+9GGWViTIyJNbEmh8lhcpqcJpfJZSImYuJMnMltcps8Jo/JZ/KZeBNvCpqC5jwyZAqZQiZqoqaIKWKKmqKmmClmnHEmwSSYkqakKWVKmdKmtCljypiypqwpb8qbO8wd5k5zp7nL3GXuNnebqqaqqW6qmxqmhqlpappappapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWKamGammWlumpsWpoVpZVqZ1qa1aWPamESTaNqatqadaWfam/amg+lgOpqOppPpZLqYLqar6Wq6mW4mySSZnqan6WV6mT6mj+ln+pn+pr8ZYAaYZJNsBplBZrAZbIaYIWaoGWaGnz9RNSPNKDPajDFjTYpJMePNeDPBTDATzUQz2Uw2qSbVTDPTzHQz3cw0M80sM8vMNrPNXDPXpJk0M9/MN+km3Sw0C02GyTCLzWKz1Cw1y81ys9KsNKvNarMW1pr1Zr3ZaDaazWaz2Wq2mu1mu9lhdpidZqfZbXabPWaP2Wv2mn1mn9lv9ptMk2kOmAPmoDloDplD5rA5bI6YI+aYOWaOm+PmhDlhTplT5ozJe/H70ptYm93msFfZnPZqm8teY/8+zmfz23hbwBa02uaxeX8VG2ttUXuTLWaLW2dL2AR782/isracLW8r2DtsRXunrfSbuIa919a099la9n5b3d7zq7i2fcDWsY/auogAtrGtb5vaBvZR29A+ZhvZxraJbWpb26dsG/u0TbTP2Lb22d/E8+0Cu9KusqvtGrvT7rKn7Gl70H5jz9gfbTfb3fazr9j+9lU7wL5mk+3A38TD7Vt2hB1pR9nRdowd+5t4sp1iU+1UO82+a6fbGb+J0+wHdpZNt7PtHDvXzvs5Pl9Tuv3QLrQf2QwbwGK7xC61y+xyu+L/17rErrPr7Qa7w35iN9stdqvdZrdfOhG2u+xu+6ndYz+zB+zXdp/9wu63h2ym/ern+PzjO2S/tYftd/aIPWqP2e/tcfuD+jl3ZC8A+6P93v5kz1lvgZCAJCkKKIayUSxlpxx0FeWkqykXXUMRupbi6DrKTddTHspL+Sg/xVMBKkiaDFkiCqkQFaYo3UCXyitGxclRCUqgm6kk3UKl6FYqTbdRGbqdylI5Kk8V6A6qSHdSJbqLKtPdVIWqUjWqTvdQDbqXatJ9VIvup9r0ANWhB6kuPUT16GGqT49QA3qUGtJj1IgaUxNqSs3ocWpOT1ALakmt6ElqTU9RG3qaEukZakvPUjv6G7Wn56gDPU8d6QXqRJ2pC71IXekl6kbdKYl6UE96mXpRb+pDfakfvUL96VUaQK9RMg2kQfQ6DaY3aAi9SUNpGA2nt2gEjaRRNJrG0FhKoXE0nt6mCfQOTaRJNJmmUCpNpWn0Lk2nGTST3qNZ9D7Npjk0l+ZRGn1A82kBpdOHtJA+ogxaRItpCS2lZbScVtBKWkWraQ2tpXW0njbQRtpEm2kLbaVttJ0+ph30Ce2kXbSbPqU99Bntpc9pH31B++lLyqSv6AB9TQfpGzpE3/ru9B0doaN0jL6n4/QDnaCTdIpO0xn6kc7ST3SOPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8O48Lowd3h9mCfMG+YL84fxYYGwYKhDE9qQwjAsFBYOo+ENYZHwxrBoiGGxsHjowhJhQnhzWDK8JSwV3hqWDm8Ly4S3h2XDcuGj91cI7wgrhneGlcK7wsrh3WGVsGpYLawe3hPWCO8Na4b3hbXC+8NS4QNhnfDBsG74UFgvfDisHz4SNggfDRuGj4WNwsZhk7Bp2Cx8PGwePhG2CFuGrcInw9bhU2Gb8OkwMXwmbBs++/P8Awv+eD4p7BH2DF8OXw69v0/Ojc6LpkU/iM6PLoimRz+MLox+FM2ILoouji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Iel89Gzh0wkmnXOBiXDYX67K7HO4ql9Nd7XK5a1zEXevi3HUut7ve5XF5XT6X38W7Aq6g084468iFrpAr7KLuBlfE3eiKuptcMVfcOVfCJbimrplr5pq7J1wL19K1ck+6J91T7in3tHvaPePaumddO/c319495zq4593z7gXXyXV2XdyLrqsbl+vCezLJ9XQ9XS/Xy/VxfVw/18/1d/3dADfAJbtkN8gNcoPdYDfEDXFD3VA33A13I9wIN8qNcmPcGJfiUtx4N95NcBPcRDfRTXaTXapLddPcNDfdTXcVZ1w4ymw32811c12aS3Pz3flzxnS30C10GS7DLXaL3VK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdDrfD7fTXXFjU7XF73V63z+1z+92XLtN95Q64r91B94075L51h9137og76o65791x94M74U66U+60O+N+dGfdT+6c8y4lMi4yPvJ2ZELkncjEyKTI5MiUSGpkamRa5N3I9MiMyMzIe5FZkfcjsyNzInMj8yJpkQ8i8yMLIumRDyMLIx9FMiKLIosjSyJLI8si3hfYHPpCvrCP+ht8EX+jL+pv8sV8ce98CZ/gb/Yl/S2+lL/Vl/a3+TL+dl/Wl/Pl/WO+kW/sm/imvpl/3Df3T/gWvqVv5Z/0rf1Tvo1/2if6Z3xb/6xv5//m2/vnfAf/vO/oX/CdfGffxb/ou/qXfDff3Sf5Hr6nf9n38r19H9/X9/Ov+P7+VT/Av+aT/UA/yL/uB/s3/BD/ph/qh/nhMW/5EZcukWGsT/Hj/Hj/tp/g3/ET/SQ/2U/xqX6qn+bf9dP9DD/Tv+dn+ff9bD/Hz/XzfJr/wM/3C3y6/9Av9B/5DL/o0k1lv9yv8Cv9Kr/ar/Fr/Tq/3m/wG/0mv9lv8Vv9Nr/df+x3+E/8Tr/L7/af+j3+M7/Xf+73+S/8fv+lz/Rf+QP+a3/Qf+MP+W/9Yf+dP+KP+mP+e3/c/+BP+JP+lD/tz/gf/Vn/kz/H/2eNMcYYY+xPGXd5KH49c+F2fo/fyRG/2LknAFy9JX/mL+fPn1GuzXNh3FvEt44AwDPdOz58aatSJSkp6eK+GRKCwnMALv1N0HkxcDleBK3gKUiEllDyd+vvLTqfoX+wfvQ2gBy/yImFy/Hl9T8HwKTfWf/xJ4fPLxOeivsf1p8DULTw5ZzscDleBK1+vr/SEkr9Qf15m/+y/tjfrp/9ixSAFr/IyQmX48v1J8AT8Cwk/mpPxhhjjDHGGGPsgt6ifPtL15+X/sXn712fx6vLOdngcvyPrs8ZY4wxxhhjjDF25T3XucvTjycmtmz/zw8q/a+y/vSgIfxfrcyD3x14D3DpJwoA/sUFAc4P5L/zUWz6txwr+eJb5++nlp72AfxntPKvGFzhDybGGGOMMcbYX+7ySf+vf66uVEGMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlgW9O/4dWJX+jEyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjV9r/CwAA///UxgMC") mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) 39.952481811s ago: executing program 2 (id=4335): set_mempolicy(0x3, &(0x7f00000015c0)=0x6, 0x5) set_mempolicy(0x1, 0x0, 0x3) 39.260189491s ago: executing program 2 (id=4345): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b, 0x14000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @multicast2}]}}}]}, 0x3c}}, 0x40800) 38.739849629s ago: executing program 32 (id=4345): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b, 0x14000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @multicast2}]}}}]}, 0x3c}}, 0x40800) 6.003069242s ago: executing program 4 (id=4702): r0 = syz_usb_connect(0x2, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) 3.699528086s ago: executing program 1 (id=4721): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x34, &(0x7f00000000c0), 0x4) 3.512101039s ago: executing program 1 (id=4724): r0 = syz_open_dev$media(&(0x7f0000000140), 0xc, 0x80d00) ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000000)=[{}, {}]}) 3.504409999s ago: executing program 4 (id=4725): r0 = openat$mice(0xffffffffffffff9c, &(0x7f00000014c0), 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000003c40)=0xc) 3.226456332s ago: executing program 1 (id=4727): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x10084, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x11, 0x2, 0x1, "0000000000b7084adef328ce9000000900", 0x35315241}) 3.197266723s ago: executing program 4 (id=4729): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x7) 2.995516226s ago: executing program 1 (id=4731): r0 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f0000000100)=@ethtool_coalesce={0xe, 0x0, 0x1000, 0x6, 0x400000, 0x7ff, 0x4, 0xc0000000, 0x402, 0x3, 0x5, 0x5, 0x3, 0x4006, 0x80, 0xfffffffc, 0x0, 0x37e9, 0x80000004, 0x1, 0x6, 0xfffffff9, 0x3}}) 2.990229166s ago: executing program 4 (id=4732): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_wakeup_irq', 0x8000, 0x4) preadv(r0, &(0x7f0000000740)=[{&(0x7f00000001c0)=""/190, 0xbe}], 0x1, 0x1, 0xd04) 2.779394779s ago: executing program 1 (id=4736): keyctl$set_reqkey_keyring(0xe, 0x1) keyctl$set_reqkey_keyring(0xe, 0x1) 2.71885885s ago: executing program 4 (id=4737): syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)={[{}]}, 0x1, 0x232, &(0x7f0000000000)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL94PUe4VWbmJgVE/hXzRnwwSnmbxgYxkjo5DNYT4gM4sDZBADA8PkPxH3HrBIMoggmSXK8U/sVMvyVWad9xlmdExLY2A0mMXBwMCgd0R3pp0BbzcT1MziyqrsxJyc1KLiAwyo5k9m3M+kyAhSd+bv1eAHjHYM3bEMjAxyG/zVFn/7I1W5cVN95PSqiJqp3U03l66PY9im//eKidT7iRlh/x8cEtSyyMv/ME9G6fvmhjkfauqemDh2NirP5W+9/Pfd+5ja4gQ1psfiXYVs/AluWjWfnJ3cLB/PTa9u31KsuCArzWXisakX/yYcX8vAMPnCE1t9BgaGDSDnulXOjbnrFi/ItUz9fN2bFwwHoz5PZGBkZGBgYmCYGbZzD7K/yhugkcHAzMDAoMIAUsTCkJaZk2rgwcDIwMzAws6ADGCqmRg4wKr0kvNzUtoZGMFJAKxtOQML3AzDxwys/CDlII7RYwZWuIyxRQPMyHYorQKlPaD0cij9GErLoyUbFrAJ/VCeRgMDAxtDReJ//iJDNgYGhorEkpIiQ4hYSUmREVzMSABuMxPU1rlMqJ47zsQwCkbBKBgFo2AUjIJRMApGwSgYBSMZAAIAAP//kpC1eQ==") syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100006325a640402000207265970000010902240001000000000904000002214c6a0009050702000000da000905"], 0x0) 2.652938801s ago: executing program 1 (id=4738): syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f00000074c0)=ANY=[@ANYBLOB='jqfmt=vfsv1,heap,alloc_mode=default,active_logs=6,flush_merge,fault_injection=00000000000000000023,discard,noacl,fsync_mode=posix,alloc_mode=default,noextent_cache,active_logs=2,fault_type=0000000000001677214,\x00\x00', @ANYRES8, @ANYRESHEX], 0x1, 0x5505, &(0x7f0000000340)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") open(&(0x7f0000000240)='./file1\x00', 0x201c2, 0x80) 2.05757766s ago: executing program 0 (id=4744): r0 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, &(0x7f0000000000)={0x8, [0x6, 0x7fffffff, 0x3], [{0x0, 0x1, 0x0, 0x1}, {0x35, 0x35}, {0x0, 0x100000c}, {0xffffffff}, {0x0, 0x4}, {0x3, 0x200}, {0x4, 0xfffffffd}, {0xffffff78, 0x10000}, {0x0, 0x82}, {0x1000000, 0x6}, {0x1, 0xffffffff}, {0x3, 0x8}], 0xc}) 2.02974648s ago: executing program 3 (id=4745): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) 1.882219702s ago: executing program 3 (id=4746): syz_mount_image$minix(&(0x7f0000000e80), &(0x7f0000001300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2200050, &(0x7f00000000c0)=ANY=[], 0x2, 0x1df, &(0x7f0000000fc0)="$eJzs3Etu00Acx/Gf47ou5f3asEJiARsSKCxgRw/ABdhVrakqXECUTSukiC234CY5BxsukEiwY4WRx06IzSh+xThVvh+p7V8e/zzTyGONLTkCsLaumd+OHHmmGkq6K+nVS0kbHQ8OQKsi/Y4ArCv3R9cjANCNya5r1gEjR/r+89P+OP3xSq4fJru9pNiSNJffLJv/7Ji/dzak8VzeTw9ZuH75muTvK5u/ULH/7Vx+uyDnzPLJ///gXjZ/UdIlSZclXZF0Nb3Xui7phqX/g1z/t0uOH2giPvv6SenXzvfr9x/PntdHYfDI1ujqWdE1wEvzj+3Nc/GRdYfNNL9TfsjW/JPCPV9Yt/ppvr//LjywtPdqjgsoo/d3/tdhnhA2mf+u9CvKz3/7VMn68m02gAXzH8ACJ6dnb/bCMPhQofBMMV0uVIjHu1fsq2oRRdGw5S7WoNiyNHk1z5Y2i/jq3+g48fK15aGqSRd+dst01rb+8XZ1OQLwHw0+Hr8fnJyePTw63jsMDoO3O0+fu2mbuS8f/Ht3XutBAYCVk12cAwAAAAAAAAAAAACA8+impFt1gmVf8AMAAACwMpb1zpBrCk9SronvEAQAAAAAAAAAAAAAAAAAAACW5k8AAAD//w0RPFQ=") rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./bus\x00') 1.809144853s ago: executing program 0 (id=4747): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2, 0x80, 0x20, 0x88}, {0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7a}, {0x0, 0xaf55, 0x0, 0xfffffffffffffffc}}, {{@in=@broadcast, 0x0, 0x6c}, 0x0, @in=@broadcast, 0x3507, 0x0, 0x0, 0x0, 0x0, 0x80000000}}, 0xe8) 1.666470245s ago: executing program 0 (id=4748): syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000000)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1500, &(0x7f0000003340)="$eJzs3Au0TlX3MPA511qb4+TyJLnvuebmSS6LJAklySVJkpA7CUmSJEnikFsSkpDrSXIPuaeTjvv9knvSyStJkpCQZH3jdPn8ey//3vf99//0vWf+xtjjrPnsPdee68zxnGfvPcZ5vuo2vHqjGlXqMzP8O/SvA/z5RxIAJADAIADIAQABAJTNWTZn+v4sGpP+rZOI/yUNZl7pCsSVJP3P2KT/GZv0P2OT/mds0v+MTfqfsUn/MzbpvxAZ2ux8V8uWcTd5/v//OfU/SZbP/wwB/9EO6f9/Gv0vHS39z9ik/xmb9D9jk/5nZMGVLkBcYfL+z9ik/0JkaH/4M+WN56/0M23Z/oVNCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYT4f+C8v8wAwK/jK12XEEIIIYQQQggh/jj+nStdgRBCCCGEEEIIIf73ISjQYCCATJAZEiALJMJVkBWyQXbIATG4GnLCNZALroXckAfyQj7IDwWgIIRAYIEhgkJQGOJwHRSB66EoFIPiUAIclIRScAOUhhuhDNwEZeFmKAe3QHmo8NM5090OleEOqAJ3QlWoBtWhBtwFNeFuqAX3QG24F+rAfVAX7od68ADUhwbQEB6ERtAYmkBTaAbNoQW0hFa/k5+c4+/lPwc94XnoBb0hCfpAX3gB+kF/GAADYRC8CIPhJRgCL8NQGAbD4RUYAa/CSHgNRsFoGAOvw1gYB+NhAkyESZAMb8BkeBOmwFuNs8E0mA4zYCbMgtnwNsyBuTAP3oH5sAAWQnKWxbAElsK7sAzegxR4H5bDB5AKK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A4fwg7YCbtgN+yBvbAPPoL98DEcgE8gDT/9F/PP/TYfuiMgoEKFBg1mwkyYgAmYiImYFbNidsyOMYxhTsyJuTAX5sbcmBfzYhLmx4JYEAkJGRkLYSGMYxyLYBEsikWxOBZHhw5LYSksjTdiGSyDZbEslsNyWB4rYAW8FW/FSlgJK2NlrIJVsCpWxepYHe/Cu/BurIW1sDbWxjpYB+tiXayH9bA+1seG2BAbYSNsgk2wGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHbAjdsRO2Ak7Y2fsgl2wK3bFbtgNu+Oz+Cw+h8/h8/g89saqqg/2xb7YD/vhAByIA/FFHIwv4Uv4Mg7FYTgcX8FX8FUciWdxFI7GMTgGK6lxOB4nIKtJmIzJmBkm4xScglNxGk7DGTgTZ+FsnI1zcC7OxXdwPi7ABbgIF+ESXIpLcRm+hymYgsvxHKbiClyJq3A1rsHVuA7X4zrciJtwI27BLbgNt+GH+CHuxJ24G3fjXtyLH+FH+DF+jEMxDdPwIB7EQ3gID+NhPIJH8CgexWN4DI/jcTyBJ/AknsLTeArP4Bk8i+fwPABcwAt4ES/iJbyU/uZX6YwyKpPKpBJUgkpUiSqryqqyq+wqpmIqp8qpcqlcKrfKrfKqvCq/yq8KqoKKFClWkSqkCqm4iqsiqogqqoqq4qq4csqpUqqUKq1KqzKqjCqrblbl1C2qvKqg2rpb1a2qkmrnKqs7VBVVRVVV1VR1VUPVUDVVTVVL1VK1VW1VR9VRddX9qp7qgwOwgUrvTCM1DJuo4dhMNVctVEv1Kj6kWquR2Ea1Ve3UI2o0jsIOqrXrqB5XndR47KyeVBPwKdVVTcJu6hnVXT2reqjnVE/VxvVSvdVU7KP6qhnYT/VXA9RANQerqfSOVVcvq+cyD1PD1StqCb6qRqrX1Cg1Wo1Rr6uxapwaryaoiWqSSlZvqMnqTTVFvaWmqmlqupqhZqpZarZ6W81Rc9U89Y6arxaohWqRWqyWqKXqXbVMvadS1PtqufpApaoVaqVapVarNWqtWqfWqw1qo9qkNqstaqvaprarD9UOtVPtUrvVHrVX7VMfqf3qY3VAfaLS1KfqoPqLOqQ+U4fV5+qI+kIdVV+qY+ordVx9rU6ob9RJdUqdVt+qM+o7dVadU+fV9+qC+kFdVD+qS8or0KiV1troQGfSmXWCzqIT9VU6q86ms+scOqav1jn1NTqXvlbn1nl0XpNP59cFdEEdatJWs450IV1Yx/V1uoi+XhfVxXRxXUI7XVKX0jfo0vpGXUbfpMvqm3U5fYsuryvoih70bbqSvl1X1nfoKvpOXVVX09V1DX2Xrqnv1rX0Pbq2vlfX0ffpuvp+XU8/oOvrBrqhflA30o11E91UN9PNdQvdUrfSD+nW+mHdRrfV7fQjur1+VHfQj+mO+nHdST+hO+sndRf9lO6qn9bd9DO6u35W99A/6kva6166t07SfXRf/YLup/vrAXqgHqRf1IP1S3qIflkP1cP0cP2KHqFf1SP1a3qUHq3H6Nf1WD1Oj9cT9EQ9SSfrN/Rk/aaeot/SU/U0PV3P0DP1LD3gl5nm/RP5b/6d/CE/nX2b3q4/1Dv0Tr1L79Z79F69T+/T+/V+fUAf0Gk6TR/UB/UhfUgf1of1EX1EH9VH9TF9TB/Xx/UJfUKf1Kf09/pbfUZ/p8/qc/qc/l5f0Bf0xV9+B2DQKKONMYHJZDKbBJPFJJqrTFaTzWQ3OUzMXG1ymmtMLnOtyW3ymLwmn8lvCpiCJjRkrGETmUKmsImb60wRc70paoqZ4qaEcaakKWVu+B/n/159rUwr09q0Nm1MG9POtDPtTXvTwXQwHU1H08l0Mp1NZ9PFdDFdTVfTzXQz3U1308P0MD1NT9PL9DJJJsn0NS+Yfqa/GWAGmkHmRTPYDDZDzBAz1Aw1w81wM8KMMCPNSDPKjDJjzBgz1ow14814M9FMNMk+h5lsJpspZoqZaqaa6YNymJlmppltZps5Zo6ZZ+aZ+Wa+WWgWmsVmsVlqlpplZplJMSlmuVluUs0Ks8KsMqvMGrPGrDPrzAazwWwym8wWs8Wkmu1mu9lhdphdZpfZY/aYfWaf2W/2mwPmgEkzaeagOWgOmUPmsDlsjpgj5qg5ao6ZY+a4OW5OmBPmpDlpTpvT5ow5Y86as+a8OW8umAvmorloLplL6Zd9gQpUYAITZAoyBQlBQpAYJAZZg6xB9iB7EAtiQc4gZ5AruDbIHeQJ8gb5gvxBgaBgEAYU2ICDKCgUFA7iwXVBkeD6oGhQLCgelAhcUDIoFdwQlA5uDMoENwVlg5uDcsEtQfmgQlAxuDW4LagU3B5UDu4IqgR3BlWDakH1oEZwV1AzuDuoFdwT1A7uDeoE9wV1g/uDesEDQf2gQdAweDBoFDQOmgRNg2ZB86BF0DJo9YfO7/3ZPA+7XmHvMCnsE/YNXwj7hf3DAeHAcFD4Yjg4fCkcEr4cDg2HhcPDV8IR4avhyPC1cFQ4OhwTvh6ODceF48MJ4cRwUpgcvhFODt8Mp4RvhVPDaeH0YEY4M5wVzg7fDueEc8N54Tvh/HBBuDBcFC4Ol4T48yUxpITvh8vDD8LUcEW4MlwVrg7XhGvDdeH6cEO4MdwUbg63lB3886HhjnBnuCvcHe4J94b7wo/C/eHH4YHwkzAt/DQ8GP4lPBR+Fh4OPw+PhF+ER8Mvw2PhV+Hx8OvwRPhNeDI8FZ4Ovw3PhN+FZ8Nz4fnw+/BC+EN4MfwxvBT69Iv79I93MmQoE2WiBEqgREqkrJSVslN2ilGMclJOykW5KDflpryUl/JTfipIBSkdE1MhKkRxilMRKkJFqSgVp+LkyFEpKkWlqTSVoTJUlspSOSpH5ak8VaSKdBvdRrfT7XQH3UF30p1UjapRDapBNakm1aJaVJtqUx2qQ3WpLtWjelSf6lNDakiNqBE1oSbUjJpRC2pBragVtabW1IbaUDtqR+2pPXWgDtSROlIn6kSdqTN1oS7UlbpSN+pG3ak79aAe1JN6Ui/qRUmURH2pL/WjfjSABtAgGkSDaTANoSE0lIbScBpOI2gEjaSRNIpG0xh6ncbSOBpPE2giTaJkSqbJNJmm0BSaSlNpOk2nmTSTZtNsmkNzaB7No/k0nxbSQlpMi2kpLaVltIxSKIWW03JKpVRaSStpNa2mtbSW1tN62kgbaTNtpq20lbbTdtpBO2gX7aI9tIf20T7aT/vpAB2gNEqjg3SQDtEhOkyH6QgdoaN0lI7RMTpOx+kEnaCTdJJO02k6Q2foLJ2l83SeLtAPdJF+pEvkKcFmsYn2KpvVZrPZbQ7713Fem8/mtwVsQRva3DbPb2Ky1ha1xWxxW8I6W9KWsjf8TVzeVrAV7a32NlvJ3m4r2/I2C/zXuKa929ay99ja9l5bw971m7iOvc/WtY1tPdvU1rfNbUPb0jayjW0T29Q2s81tC9vStreP2g72MdvRPm472Sf+Jl5m37Pr7Qa70W6y++3H9rz93h6zX9kL9gfby/a2g+yLdrB9yQ6xL9uhdthvYwA7xr5ux9pxdrydYCfaSX8TT7cz7Ew7y862b9s5du7fxEvtu3a+TbEL7SK72C75KU6vKcW+b5fbD2yqXWFX2lV2tV1j19p1/7fWVXaL3Wq32X32I7vD7rS77G67x+79KU5fxwH7iU2zn9qj9kt7yH5mD9vj9oj94qc4fX3H7df2hP3GnrSn7Gn7rT1jv7Nn7bmf1p++9m/tj/aS9RYYWbFmwwFn4sycwFk4ka/irJyNs3MOjvHVnJOv4Vx8LefmPJyX83F+LsAFOWRiy8wRF+LCHOfruAhfz0W5GBfnEuy4JJfiG7g038hl+CYuyzdzOb6Fy3MFrsi38m1ciW/nynwHV+E7uSpX4+pcg+/imnw31+J7uDbfy3X4Pq7L93M9foDrcwNuyA9yI27MTbgpN+Pm3IJbcit+iFvzw9yG23I7foTb86PcgR/jjvw4d+InuDM/yV34Ke7KT3M3foa787Pcg5/jnvw89+LenMR9uC+/wP24Pw/ggTyIX+TB/BIP4Zd5KA/j4fwKj+BXeSS/xqN4NI/h13ksj+PxPIEn8iRO5jd4Mr/JU/gtnsrTeDrP4Jk8i2fz2zyH5/I8fofn8wJeyIt4MS/hpfwuL+P3OIXf5+X8AafyCl7Jq3g1r+G1vI7X8wbeyJt4M2/hrbyNt/OHvIN38i7ezXt4L+/jj3g/f8wH+BNO40/5IP+FD/FnfJg/5yP8BR/lL/kYf8XH+Ws+wd/wST7Fp/lbPsPf8Vk+x+f5e77AP/BF/pEvsWeIMFKRjkwURJmizFFClCVKjK6KskbZouxRjigWXR3ljK6JckXXRrmjPFHeKF+UPyoQFYzCiCIbcRRFhaLCUTy6LioSXR8VjYpFxaMSkYtKRqWiG6LS0Y1RmeimqGx0c1QuuiUqH1WIKka3RrdFlaLbo8rRHVGV6M6oalQtqh7ViO6KakZ3R7Wie6La0b1Rmei+qG50f1QveiCqHzWIGkYPRo2ixlGTqGnULGoetYhaRq2ih6LW0cNRm6ht1C56JGofPRp1iB6LOkaPR52iJy7vLxb8/Gn6V/uToj6R/uUJ2T16cXxJfGn83fiy+Hvxxt1+fjU1viK+Mr4qvjq+Jr42vi6+Pr4hvjG+Kb45viW+Nb4t7n2NzOAw/UYYjAtcJpfZJbgsLtFd5bK6bC67y+Fi7mqX013jcrlrXW6Xx+V1+Vx+V8AVdKEjZx27yBVyhV3cXeeKuOtdUVfMFXclnHMlXSnX0rVyrVxr97Br49q6du4R94h71D3qHkv4pXDX2T3purinXFf3tHvaPeO6u2ddD/ec6+med71cb5fkklxf19f1c/3cADfADXKD3GA32A1xQ9xQN9QNd8PdCDfCjXQj3Sg3yo1xY9xYN9aNd+PdRDfRJbtkN9lNdlPcFDfVTXXT3XQ30810s91sN8fNcfPcPDffzXcL3UK32C12S91St8wtcykuxS13y12qS3Ur3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1waS7NHXQH3SF3yB12n7sj7gt31H3pjrmv3HH3tTvhvnEn3Sl32nl9xn3nzrpz7rz73l1wP7iL7kd3yXmXHHsjNjn2ZmxK7K3Y1Ni02PTYjNjM2KzY7NjbsTmxubF5sXdi82MLYgtji2KLY0tiS2PvxpbF3oulxN6PLY99EEuNrYitjK2KrY6tiXlfYEfkC/nCPu6v80X89b6oL+aL+xLe+ZK+lL/Bl/Y3+jL+Jl/W3+zL+Vt8eV/BV/RNfTPf3LfwLX0r/5Bv7R/2bXxb384/4tv7R30H/5jv6B/3nfwTvrN/0nfxT/mu/mnfzT+z4Jcu+57+ed/L9/ZJvo/v61/w/Xx/P8AP9IP8i36wf8kP8S/7oX6YH+5f8SP8q36kf82P8qP9GP+6H+vH+fF+gp/oJ/lk/4af7N/0U/xbfqqf5qf7GX6mn+Vn+7f9HD/Xz/Pv+Pl+gV/oF/nFfolf6t/1y/x7PsW/75f7D3yqX+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u//Q7/A7/S6/2+/xe/0+/5Hf7z/2B/wnPs1/6g/6v/hD/jN/2H/uj/gv/FH/pT/mv/LH/df+hP/Gn/Sn/Gn/rT/jv/Nn/Tl/3n/vL/gf/EX/o78k/7MmhBBCCPFP0b+zv8/feU39sqXrCwDZduY78tdzbs7987i/2t8pBgCP9+7W4NetQYOkpKRfjk3VEBReBACxy/k/ff/AL/EKaAePQkdoC6X/bn39VcWfrvv+u/njNwMkAmT5NSf99igR/nr+G//B/E3f5d+bfxFA0cKXc9JP9Gt8ef4y/2D+ve1/Z/4snyUDtPkvOVnhcnx5/lLwMDwBHX9zpBBCCCGEEEII8bP+6kL337u/Tb8/z28u52SGy/Hv3Z//jsp/xBqEEEIIIYQQQgjx33vq2R6PPdSxY9su/8mDzH+OMv4EAwSAP0EZMvjzD670XyYhhBBCCCHEH+3yRf+VrkQIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhMi4/v1vCFP/9MFXeo1CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfZ/AgAA///M7VMc") mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2236824, 0x0) 1.602422757s ago: executing program 3 (id=4749): ioperm(0x3, 0x4, 0x1000008) io_uring_setup(0xc90, &(0x7f0000000080)) 1.327673681s ago: executing program 3 (id=4750): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@ipv6_deladdrlabel={0x30, 0x49, 0x1, 0x70bd28, 0x25dfdbfd, {0xa, 0x0, 0x0, 0x0, 0x0, 0x81}, [@IFAL_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x30}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20040800}, 0x40) 1.193577303s ago: executing program 0 (id=4751): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000180)='./file1\x00', &(0x7f0000000000), 0x208090, &(0x7f0000000280)={[{@verity_on}, {@redirect_dir_follow}]}) 816.529518ms ago: executing program 3 (id=4752): r0 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x20000002) 656.510951ms ago: executing program 0 (id=4753): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="2400000018000109da0000000000000002180020000000080014000008000100ac1414"], 0x24}}, 0x0) 201.619397ms ago: executing program 3 (id=4754): sched_setscheduler(0x0, 0x1, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x2a, 0xaf, 0xee, 0x8, 0xaf0, 0x6751, 0x758b, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xff, 0xff, 0xff, 0x0, [], [{{0x9, 0x5, 0x7}}]}}]}}]}}, 0x0) 5.5747ms ago: executing program 0 (id=4755): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x14, 0x4, 0x4, 0xfe5f}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/61}, 0x20) 0s ago: executing program 4 (id=4756): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x10, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000c700000095"], &(0x7f0000000300)='GPL\x00', 0x8}, 0x94) kernel console output (not intermixed with test programs): 59] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 298.174678][T13059] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 298.210105][T13069] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3208'. [ 298.258693][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.305817][T13073] loop1: detected capacity change from 0 to 16 [ 298.316392][T13073] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 298.502079][T13078] netdevsim netdevsim1 netdevsim0: left allmulticast mode [ 298.523144][T13078] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 299.823349][T13140] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3242'. [ 299.865175][T13134] loop0: detected capacity change from 0 to 4096 [ 299.890680][T13134] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 299.991316][T13134] ntfs3: loop0: failed to convert "c46c" to cp862 [ 300.080524][T13147] IPVS: set_ctl: invalid protocol: 59 0.0.0.0:20000 [ 300.111509][T13149] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3246'. [ 300.204723][ T5834] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 300.311174][T13152] ALSA: mixer_oss: invalid OSS volume 'u' [ 300.407964][ T5834] usb 3-1: config 0 interface 0 has no altsetting 0 [ 300.420397][ T5834] usb 3-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee [ 300.443956][ T5834] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.490521][ T5834] usb 3-1: config 0 descriptor?? [ 300.541138][ T28] audit: type=1326 audit(2000000139.829:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13162 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 300.618196][ T28] audit: type=1326 audit(2000000139.829:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13162 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 300.680596][ T28] audit: type=1326 audit(2000000139.869:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13162 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 300.779550][ T28] audit: type=1326 audit(2000000139.869:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13162 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 300.798887][ T5834] snd-usb-audio: probe of 3-1:0.0 failed with error -22 [ 300.864290][ T5834] usb 3-1: USB disconnect, device number 15 [ 300.870590][T13171] netlink: 'syz.3.3257': attribute type 62 has an invalid length. [ 301.196168][T13183] loop0: detected capacity change from 0 to 2048 [ 301.229194][T13183] NILFS (loop0): invalid segment: Magic number mismatch [ 301.263877][T13183] NILFS (loop0): trying rollback from an earlier position [ 301.300404][T13183] NILFS (loop0): recovery complete [ 301.334899][T13186] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 301.618877][T13173] loop1: detected capacity change from 0 to 32768 [ 301.689237][T13197] loop2: detected capacity change from 0 to 512 [ 301.701193][T13197] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 301.719439][T13173] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 301.759217][T13173] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 301.812583][T13197] EXT4-fs (loop2): 1 truncate cleaned up [ 301.830434][T13197] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 301.993746][T13173] XFS (loop1): Ending clean mount [ 302.027206][T13173] XFS (loop1): Quotacheck needed: Please wait. [ 302.120769][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.156881][T13173] XFS (loop1): Quotacheck: Done. [ 302.357611][ T5780] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 302.804765][T13230] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3282'. [ 302.973068][T13234] usb usb1: usbfs: process 13234 (syz.2.3283) did not claim interface 0 before use [ 303.119995][T13216] loop0: detected capacity change from 0 to 32768 [ 303.180060][T13216] read_mapping_page failed! [ 303.184763][T13216] ERROR: (device loop0): txCommit: [ 303.184763][T13216] [ 303.892906][T13267] netlink: 'syz.3.3299': attribute type 21 has an invalid length. [ 303.916487][T13267] netlink: 164 bytes leftover after parsing attributes in process `syz.3.3299'. [ 304.414191][T13292] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3312'. [ 304.540259][T13296] xt_TCPMSS: Only works on TCP SYN packets [ 304.929660][T13313] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3323'. [ 305.003265][T13315] loop0: detected capacity change from 0 to 256 [ 305.061095][T13315] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012c80, chksum : 0x0ff561db, utbl_chksum : 0xe619d30d) [ 305.378162][T13333] ieee802154 phy0 wpan0: encryption failed: -22 [ 305.532087][T13335] loop2: detected capacity change from 0 to 1764 [ 305.749197][T13346] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3338'. [ 305.934075][T13356] delete_channel: no stack [ 305.940327][T13351] bond3: entered promiscuous mode [ 305.950957][T13351] bond3: entered allmulticast mode [ 305.957438][T13351] 8021q: adding VLAN 0 to HW filter on device bond3 [ 305.966068][T13353] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3343'. [ 306.149261][T13366] x_tables: duplicate underflow at hook 1 [ 306.251345][T13368] loop2: detected capacity change from 0 to 16 [ 306.258615][T13368] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 306.577773][T13382] tc_dump_action: action bad kind [ 306.680646][T13384] binder: 13383:13384 ioctl c0306201 200000000a00 returned -14 [ 306.950456][T13398] futex_wake_op: syz.2.3363 tries to shift op by -1; fix this program [ 307.069200][T13403] xt_connbytes: Forcing CT accounting to be enabled [ 307.176789][T13408] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0) [ 307.406817][T13416] loop2: detected capacity change from 0 to 2048 [ 307.447114][T13420] loop1: detected capacity change from 0 to 64 [ 307.463956][T13416] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 307.608641][T13422] netlink: 'syz.0.3376': attribute type 1 has an invalid length. [ 307.744978][T13424] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3377'. [ 308.307893][T13413] loop3: detected capacity change from 0 to 32768 [ 308.385552][ T28] audit: type=1326 audit(2000000147.679:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13450 comm="syz.0.3389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 308.414645][T13413] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 308.460156][T13413] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 308.496543][ T28] audit: type=1326 audit(2000000147.709:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13450 comm="syz.0.3389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 308.589536][ T28] audit: type=1326 audit(2000000147.709:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13450 comm="syz.0.3389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 308.589583][ T28] audit: type=1326 audit(2000000147.709:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13450 comm="syz.0.3389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 308.589618][ T28] audit: type=1326 audit(2000000147.709:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13450 comm="syz.0.3389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 308.834934][T13413] XFS (loop3): Ending clean mount [ 308.849213][T13413] XFS (loop3): Quotacheck needed: Please wait. [ 308.977517][T13413] XFS (loop3): Quotacheck: Done. [ 309.125545][T13480] loop1: detected capacity change from 0 to 8 [ 309.177658][T13480] SQUASHFS error: Failed to read block 0xdfa: -5 [ 309.198692][T13484] loop0: detected capacity change from 0 to 512 [ 309.209411][T13480] SQUASHFS error: Unable to read metadata cache entry [dfa] [ 309.217277][T13480] SQUASHFS error: Failed to read block 0x4e8: -5 [ 309.234271][ T5783] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 309.247429][T13480] SQUASHFS error: Failed to read block 0xed04f1: -5 [ 309.258725][T13484] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 309.268728][T13480] SQUASHFS error: Failed to read block 0x4de: -5 [ 309.281747][T13484] EXT4-fs (loop0): Test dummy encryption mode enabled [ 309.288933][T13480] SQUASHFS error: Failed to read block 0x4de: -5 [ 309.296049][T13484] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal [ 309.305142][T13480] SQUASHFS error: Failed to read block 0x4de: -5 [ 309.316238][T13480] SQUASHFS error: Failed to read block 0x4de: -5 [ 309.325133][T13480] SQUASHFS error: Failed to read block 0x4de: -5 [ 309.332082][T13480] SQUASHFS error: Failed to read block 0x4de: -5 [ 309.338741][T13480] SQUASHFS error: Failed to read block 0x4e8: -5 [ 309.346406][ T28] audit: type=1800 audit(2000000148.649:160): pid=13480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3400" name="file1" dev="loop1" ino=5 res=0 errno=0 [ 309.366045][ C0] vkms_vblank_simulate: vblank timer overrun [ 309.649461][ T54] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 309.847448][ T54] usb 1-1: config index 0 descriptor too short (expected 24931, got 36) [ 309.866650][ T54] usb 1-1: config 100 has too many interfaces: 114, using maximum allowed: 32 [ 309.879374][ T54] usb 1-1: config 100 has an invalid descriptor of length 105, skipping remainder of the config [ 309.898293][ T54] usb 1-1: config 100 has 0 interfaces, different from the descriptor's value: 114 [ 309.916983][ T54] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 309.939432][ T54] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.189803][ T5834] usb 1-1: USB disconnect, device number 18 [ 310.208738][T13516] xt_TPROXY: Can be used only with -p tcp or -p udp [ 310.366698][ T27] usb 2-1: new full-speed USB device number 16 using dummy_hcd [ 310.384427][T13522] netlink: 'syz.2.3422': attribute type 12 has an invalid length. [ 310.568521][ T27] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 310.587671][ T27] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 310.617407][ T27] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 310.652199][ T27] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 310.666920][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.676161][ T27] usb 2-1: Product: syz [ 310.681216][ T27] usb 2-1: Manufacturer: syz [ 310.685842][ T27] usb 2-1: SerialNumber: syz [ 310.699914][ T27] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found [ 310.709797][ T27] cdc_ncm 2-1:1.0: bind() failure [ 310.717316][T13526] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3403'. [ 310.957037][ T27] usb 2-1: USB disconnect, device number 16 [ 311.075304][T13534] loop3: detected capacity change from 0 to 2048 [ 311.105790][T13524] loop2: detected capacity change from 0 to 32768 [ 311.113881][T13524] XFS: noikeep mount option is deprecated. [ 311.141259][T13524] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 311.401773][T13524] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 311.464187][T13524] XFS (loop2): Starting recovery (logdev: internal) [ 311.525939][T13524] XFS (loop2): Ending recovery (logdev: internal) [ 311.578718][T13524] XFS (loop2): Metadata corruption detected at xfs_inobt_verify+0xc5/0x230, xfs_finobt block 0x8 [ 311.593309][T13524] XFS (loop2): Unmount and run xfs_repair [ 311.599429][T13524] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 311.617328][T13524] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff AB3B............ [ 311.656698][T13524] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10 ................ [ 311.693717][T13524] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 311.732807][T13524] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02 ......1....N.... [ 311.764502][T13524] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00 ...`............ [ 311.812442][T13524] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 311.844888][T13524] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 311.864763][T13524] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 311.890221][T13524] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x1d7/0x2d0" at daddr 0x8 len 8 error 117 [ 311.955496][T13568] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3439'. [ 311.980237][ T5782] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 311.993814][T13567] loop3: detected capacity change from 0 to 2048 [ 312.054864][T13567] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 312.920256][T13600] netlink: 392 bytes leftover after parsing attributes in process `syz.2.3456'. [ 313.001383][T13604] libceph: resolve '0.0' (ret=-3): failed [ 313.095861][T13609] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3460'. [ 313.130738][T13609] 0X: renamed from caif0 [ 313.171699][T13609] 0X: entered allmulticast mode [ 313.176972][T13609] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 313.353452][T13614] loop0: detected capacity change from 0 to 4096 [ 313.409794][T13614] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 313.444659][T13614] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 313.647457][T13627] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3469'. [ 314.285858][T13623] loop1: detected capacity change from 0 to 32768 [ 314.296257][T13651] loop2: detected capacity change from 0 to 16 [ 314.326721][T13651] erofs: (device loop2): mounted with root inode @ nid 36. [ 314.379481][ T54] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 314.561648][ T54] usb 4-1: Using ep0 maxpacket: 32 [ 314.582505][ T54] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 314.599489][ T54] usb 4-1: config 0 has no interface number 0 [ 314.627034][ T54] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 314.649488][ T54] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 314.660081][T13659] loop0: detected capacity change from 0 to 512 [ 314.663370][ T54] usb 4-1: Product: syz [ 314.683716][ T54] usb 4-1: Manufacturer: syz [ 314.688387][ T54] usb 4-1: SerialNumber: syz [ 314.723907][ T54] usb 4-1: config 0 descriptor?? [ 314.731650][T13659] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 314.789681][ T28] audit: type=1326 audit(2000000154.069:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13663 comm="syz.2.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 314.835107][ T28] audit: type=1326 audit(2000000154.069:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13663 comm="syz.2.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 314.906449][ T28] audit: type=1326 audit(2000000154.109:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13663 comm="syz.2.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 314.950468][ T54] radio-si470x 4-1:0.35: this is not a si470x device. [ 315.007835][ T28] audit: type=1326 audit(2000000154.109:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13663 comm="syz.2.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 315.136710][ T5781] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 315.159722][ T54] radio-raremono 4-1:0.35: this is not Thanko's Raremono. [ 315.192658][ T54] usb 4-1: USB disconnect, device number 20 [ 315.481777][T13685] autofs4:pid:13685:autofs_fill_super: called with bogus options [ 315.735538][T13698] netlink: 180 bytes leftover after parsing attributes in process `syz.0.3502'. [ 315.805987][ T54] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 315.859996][T13702] ipt_REJECT: TCP_RESET invalid for non-tcp [ 315.948556][T13705] netlink: 'syz.0.3507': attribute type 13 has an invalid length. [ 315.968106][T13707] xt_CT: You must specify a L4 protocol and not use inversions on it [ 316.001490][ T54] usb 2-1: config 0 has an invalid interface number: 117 but max is 0 [ 316.028343][ T54] usb 2-1: config 0 has an invalid descriptor of length 97, skipping remainder of the config [ 316.059417][ T54] usb 2-1: config 0 has no interface number 0 [ 316.065568][ T54] usb 2-1: too many endpoints for config 0 interface 117 altsetting 115: 101, using maximum allowed: 30 [ 316.109692][ T54] usb 2-1: config 0 interface 117 altsetting 115 has 0 endpoint descriptors, different from the interface descriptor's value: 101 [ 316.147950][ T54] usb 2-1: config 0 interface 117 has no altsetting 0 [ 316.165457][ T54] usb 2-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 316.186200][ T54] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.209675][ T54] usb 2-1: config 0 descriptor?? [ 316.427959][ T54] usb 2-1: string descriptor 0 read error: -71 [ 316.448173][ T54] usb 2-1: selecting invalid altsetting 0 [ 316.505150][ T54] usb 2-1: USB disconnect, device number 17 [ 316.560742][ T5919] udevd[5919]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.117/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 316.744475][T13732] loop0: detected capacity change from 0 to 512 [ 316.794330][T13732] EXT4-fs (loop0): Test dummy encryption mode enabled [ 316.808104][T13732] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 316.861654][T13732] EXT4-fs (loop0): 1 truncate cleaned up [ 316.880552][T13732] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 317.143097][T13744] netlink: 'syz.3.3522': attribute type 6 has an invalid length. [ 317.185793][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.589577][ T27] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 317.612885][T13763] kAFS: unable to lookup cell '\/' [ 317.635872][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.642391][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.737349][T13768] xt_CT: You must specify a L4 protocol and not use inversions on it [ 317.796910][ T27] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 317.816387][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.833452][ T27] usb 3-1: Product: syz [ 317.840604][ T27] usb 3-1: Manufacturer: syz [ 317.845232][ T27] usb 3-1: SerialNumber: syz [ 317.875023][ T27] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 317.915142][ T5834] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 318.439394][ T27] usb 3-1: USB disconnect, device number 16 [ 318.567812][T13772] loop0: detected capacity change from 0 to 32768 [ 318.642671][T13772] ERROR: (device loop0): dbAlloc: unable to allocate blocks [ 318.642671][T13772] [ 318.665103][T13792] netlink: 108 bytes leftover after parsing attributes in process `syz.1.3547'. [ 318.666622][T13772] jfs_create: dtInsert returned -EIO [ 318.682641][T13772] ERROR: (device loop0): jfs_create: [ 318.682641][T13772] [ 318.692428][T13792] (null): rxe_set_mtu: Set mtu to 1024 [ 318.989470][ T5834] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 318.996562][ T5834] ath9k_htc: Failed to initialize the device [ 319.044888][ T27] usb 3-1: ath9k_htc: USB layer deinitialized [ 319.154682][T13792] infiniband s: set down [ 319.171858][T13792] infiniband s: added bridge0 [ 319.233956][T13800] loop0: detected capacity change from 0 to 4096 [ 319.247571][T13800] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 319.280322][T13792] RDS/IB: s: added [ 319.308318][T13792] smc: adding ib device s with port count 1 [ 319.347747][T13792] smc: ib device s port 1 has pnetid [ 319.503392][T13800] ntfs3: loop0: failed to convert "c46c" to koi8-u [ 319.765545][T13817] loop0: detected capacity change from 0 to 512 [ 319.776759][T13813] loop3: detected capacity change from 0 to 4096 [ 319.823443][T13813] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 319.875347][T13817] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 319.971502][T13817] ext4 filesystem being mounted at /931/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 320.097820][T13813] ntfs3: loop3: failed to convert "c46c" to iso8859-5 [ 320.207515][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.530966][T13833] loop3: detected capacity change from 0 to 4096 [ 320.582312][T13835] loop0: detected capacity change from 0 to 4096 [ 320.586998][T13833] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 320.609755][ T5834] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 320.694923][T13835] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 320.783260][ T5783] ntfs3: loop3: ino=9, ntfs_sync_fs failed, -22. [ 320.803224][T13835] ntfs3: loop0: Failed to load $Extend (-22). [ 320.819520][T13835] ntfs3: loop0: Failed to initialize $Extend. [ 320.825754][ T5834] usb 3-1: Using ep0 maxpacket: 32 [ 320.840301][ T5834] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 320.874132][ T5834] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 320.908981][ T5834] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 320.933837][ T5834] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.989824][ T5834] usb 3-1: config 0 descriptor?? [ 321.012481][ T5834] hub 3-1:0.0: USB hub found [ 321.235980][ T5834] hub 3-1:0.0: 1 port detected [ 321.442736][ T5834] hub 3-1:0.0: hub_hub_status failed (err = -71) [ 321.451811][ T5834] hub 3-1:0.0: config failed, can't get hub status (err -71) [ 321.478743][ T5834] usbhid 3-1:0.0: can't add hid device: -71 [ 321.490850][ T5834] usbhid: probe of 3-1:0.0 failed with error -71 [ 321.557752][ T5834] usb 3-1: USB disconnect, device number 17 [ 321.770699][T13857] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 322.417594][T13885] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3592'. [ 322.519947][ T5821] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 322.693918][T13899] loop2: detected capacity change from 0 to 256 [ 322.737618][ T5821] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 322.773821][ T5821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 322.802380][ T5821] usb 4-1: Product: syz [ 322.806598][ T5821] usb 4-1: Manufacturer: syz [ 322.841939][ T5821] usb 4-1: SerialNumber: syz [ 322.857069][ T5821] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 322.908088][ T54] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 323.423696][ T27] usb 4-1: USB disconnect, device number 21 [ 323.477237][T13917] loop1: detected capacity change from 0 to 16 [ 323.508296][T13917] erofs: (device loop1): mounted with root inode @ nid 36. [ 323.528333][T13919] netlink: 763 bytes leftover after parsing attributes in process `syz.0.3607'. [ 323.749461][T13925] loop0: detected capacity change from 0 to 64 [ 323.894505][T13927] netlink: 'syz.1.3612': attribute type 1 has an invalid length. [ 323.902518][T13927] netlink: 'syz.1.3612': attribute type 2 has an invalid length. [ 324.039416][ T54] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 324.046506][ T54] ath9k_htc: Failed to initialize the device [ 324.112820][ T27] usb 4-1: ath9k_htc: USB layer deinitialized [ 324.152919][T13932] netlink: 'syz.1.3615': attribute type 2 has an invalid length. [ 324.626081][T13921] loop2: detected capacity change from 0 to 40427 [ 324.650266][T13921] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 324.666690][T13921] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 324.682346][T13949] vivid-007: disconnect [ 324.700804][T13948] vivid-007: reconnect [ 324.701462][T13921] F2FS-fs (loop2): heap/no_heap options were deprecated [ 324.753668][T13921] F2FS-fs (loop2): invalid crc value [ 324.783654][T13921] F2FS-fs (loop2): Found nat_bits in checkpoint [ 324.922106][T13921] F2FS-fs (loop2): Try to recover 1th superblock, ret: -30 [ 324.931713][T13921] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 325.019228][T13921] F2FS-fs (loop2): Try to recover all the superblocks, ret: 0 [ 325.033052][T13921] F2FS-fs (loop2): heap/no_heap options were deprecated [ 325.100592][T13961] ieee802154 phy0 wpan0: encryption failed: -22 [ 325.335957][T13964] loop0: detected capacity change from 0 to 4096 [ 325.733858][T13982] loop2: detected capacity change from 0 to 16 [ 325.773717][T13982] erofs: (device loop2): mounted with root inode @ nid 36. [ 325.997948][ T5782] erofs: (device loop2): erofs_fill_dentries: bogus dirent @ nid 46 [ 326.075956][ T5782] erofs: (device loop2): erofs_readdir: invalid de[0].nameoff 0 @ nid 89 [ 326.097823][ T5782] erofs: (device loop2): erofs_readdir: invalid de[0].nameoff 0 @ nid 89 [ 326.349658][ T27] usb 2-1: new full-speed USB device number 18 using dummy_hcd [ 326.367995][T14007] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3650'. [ 326.552019][ T27] usb 2-1: config 0 has an invalid interface number: 120 but max is 0 [ 326.563309][ T27] usb 2-1: config 0 has no interface number 0 [ 326.569656][ T27] usb 2-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 326.580876][ T27] usb 2-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 326.605164][ T27] usb 2-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 326.630439][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.634370][T14017] loop2: detected capacity change from 0 to 1024 [ 326.653324][ T27] usb 2-1: config 0 descriptor?? [ 326.672829][T14020] x_tables: ip6_tables: NETMAP.0 target: invalid size 40 (kernel) != (user) 0 [ 326.687740][ T27] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.120/input/input14 [ 326.828493][ T3514] hfsplus: b-tree write err: -5, ino 4 [ 326.962929][T14024] loop0: detected capacity change from 0 to 4096 [ 327.023222][ T27] usb 2-1: USB disconnect, device number 18 [ 327.046363][T14029] netlink: 'syz.3.3660': attribute type 10 has an invalid length. [ 327.118421][T14029] team0: Device hsr_slave_0 failed to register rx_handler [ 327.657882][T14046] loop3: detected capacity change from 0 to 2048 [ 327.690333][T14049] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3667'. [ 327.707394][T14046] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 327.785221][T14046] UDF-fs: unknown compression code (0) [ 328.379621][ T5834] usb 2-1: new low-speed USB device number 19 using dummy_hcd [ 328.578268][T14080] netlink: get zone limit has 8 unknown bytes [ 328.591399][ T5834] usb 2-1: config 1 has an invalid interface descriptor of length 6, skipping [ 328.619716][ T5834] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 328.648785][ T5834] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 328.679375][ T5834] usb 2-1: config 1 has no interface number 1 [ 328.685636][ T5834] usb 2-1: too many endpoints for config 1 interface 2 altsetting 116: 104, using maximum allowed: 30 [ 328.710943][T14065] loop2: detected capacity change from 0 to 32768 [ 328.735845][ T5834] usb 2-1: config 1 interface 2 altsetting 116 has 0 endpoint descriptors, different from the interface descriptor's value: 104 [ 328.760099][T14065] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 328.785170][ T5834] usb 2-1: config 1 interface 2 has no altsetting 1 [ 328.796748][T14065] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 328.819780][T14065] BTRFS info (device loop2): using free space tree [ 328.833940][ T5834] usb 2-1: string descriptor 0 read error: -22 [ 328.842934][ T5834] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 328.861605][ T5834] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.900634][ T5834] usb 2-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0 [ 328.917564][ T5834] usb 2-1: MIDIStreaming interface descriptor not found [ 329.042685][T14065] BTRFS info (device loop2): enabling ssd optimizations [ 329.105893][T14065] BTRFS info (device loop2): auto enabling async discard [ 329.251406][ T9] usb 2-1: USB disconnect, device number 19 [ 329.324133][ T5782] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 329.958278][T14108] loop0: detected capacity change from 0 to 32768 [ 330.759224][T14145] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3706'. [ 330.788915][T14145] (null): rxe_set_mtu: Set mtu to 1024 [ 330.795217][T14145] rdma_rxe: rxe_newlink: failed to add bridge0 [ 330.966310][T14153] loop3: detected capacity change from 0 to 64 [ 331.161930][T14161] batadv0: entered promiscuous mode [ 331.208015][T14161] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 331.350373][T14165] loop3: detected capacity change from 0 to 1024 [ 331.417020][T14165] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 331.472236][T14165] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 331.549533][T14165] EXT4-fs error (device loop3): ext4_search_dir:1549: inode #2: block 16: comm syz.3.3715: bad entry in directory: inode out of bounds - offset=44, inode=196620, rec_len=16, size=1024 fake=0 [ 331.636371][T14165] EXT4-fs (loop3): Remounting filesystem read-only [ 331.727603][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.924501][T14190] loop3: detected capacity change from 0 to 256 [ 332.084639][T14193] loop1: detected capacity change from 0 to 256 [ 332.120538][ T28] audit: type=1326 audit(2000000171.419:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14194 comm="syz.2.3729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 332.196031][ T28] audit: type=1326 audit(2000000171.419:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14194 comm="syz.2.3729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 332.256158][ T28] audit: type=1326 audit(2000000171.419:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14194 comm="syz.2.3729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 332.271531][T14193] FAT-fs (loop1): Directory bread(block 64) failed [ 332.278517][ C0] vkms_vblank_simulate: vblank timer overrun [ 332.355904][ T28] audit: type=1326 audit(2000000171.419:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14194 comm="syz.2.3729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 332.361715][T14193] FAT-fs (loop1): Directory bread(block 65) failed [ 332.378347][ C0] vkms_vblank_simulate: vblank timer overrun [ 332.427953][ T28] audit: type=1326 audit(2000000171.419:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14194 comm="syz.2.3729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 332.432806][T14193] FAT-fs (loop1): Directory bread(block 66) failed [ 332.485992][T14193] FAT-fs (loop1): Directory bread(block 67) failed [ 332.514433][T14193] FAT-fs (loop1): Directory bread(block 68) failed [ 332.541823][T14193] FAT-fs (loop1): Directory bread(block 69) failed [ 332.548531][T14193] FAT-fs (loop1): Directory bread(block 70) failed [ 332.576754][T14193] FAT-fs (loop1): Directory bread(block 71) failed [ 332.596608][T14193] FAT-fs (loop1): Directory bread(block 72) failed [ 332.608807][T14207] netlink: 'syz.2.3735': attribute type 8 has an invalid length. [ 332.629552][T14193] FAT-fs (loop1): Directory bread(block 73) failed [ 332.661696][T14183] loop0: detected capacity change from 0 to 32768 [ 333.010550][T14213] xt_TCPMSS: Only works on TCP SYN packets [ 333.376618][T14229] loop1: detected capacity change from 0 to 64 [ 334.113363][T14260] loop2: detected capacity change from 0 to 256 [ 334.153172][T14260] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196) [ 334.194275][T14260] FAT-fs (loop2): Filesystem has been set read-only [ 334.259072][T14266] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3764'. [ 334.300120][ T5782] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196) [ 334.493106][T14276] netlink: 'syz.3.3768': attribute type 1 has an invalid length. [ 334.547494][T14276] netlink: 'syz.3.3768': attribute type 2 has an invalid length. [ 334.588671][T14276] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3768'. [ 334.595775][T14280] loop2: detected capacity change from 0 to 512 [ 334.665849][T14280] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.740982][T14280] ext4 filesystem being mounted at /932/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 334.967017][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.199106][T14271] loop1: detected capacity change from 0 to 40427 [ 335.232917][T14271] F2FS-fs (loop1): invalid crc value [ 335.251810][T14271] F2FS-fs (loop1): Found nat_bits in checkpoint [ 335.379513][T14271] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 335.467724][T14310] netlink: 'syz.0.3782': attribute type 21 has an invalid length. [ 335.499623][T14310] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3782'. [ 335.596755][T14314] loop2: detected capacity change from 0 to 64 [ 335.656917][T14312] loop3: detected capacity change from 0 to 4096 [ 335.700823][T14312] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 335.825936][T14312] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 335.880275][T14312] ntfs3: loop3: Failed to load $Extend (-22). [ 335.888101][T14312] ntfs3: loop3: Failed to initialize $Extend. [ 336.321891][T14332] delete_channel: no stack [ 336.380874][T14334] ecryptfs_parse_options: eCryptfs: unrecognized option [&@] [ 336.393503][T14334] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 336.452853][T14334] Error parsing options; rc = [-22] [ 337.103739][T14357] loop2: detected capacity change from 0 to 64 [ 337.137578][T14338] loop3: detected capacity change from 0 to 32768 [ 337.185243][T14338] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.3796 (14338) [ 337.227891][T14338] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 337.281344][T14338] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 337.300854][T14338] BTRFS info (device loop3): using free space tree [ 337.373452][T14367] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3808'. [ 337.470687][T14338] BTRFS info (device loop3): enabling ssd optimizations [ 337.490762][T14338] BTRFS info (device loop3): auto enabling async discard [ 337.692912][T14348] loop0: detected capacity change from 0 to 32768 [ 337.770745][T14348] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 337.790567][ T5783] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 337.841060][T14395] $H: renamed from bond0 (while UP) [ 337.931553][T14395] $H: entered promiscuous mode [ 337.959341][T14395] bond_slave_0: entered promiscuous mode [ 337.978183][T14395] bond_slave_1: entered promiscuous mode [ 338.047055][T14348] XFS (loop0): Ending clean mount [ 338.077649][T14348] XFS (loop0): Quotacheck needed: Please wait. [ 338.156265][T14348] XFS (loop0): Quotacheck: Done. [ 338.437724][ T5781] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 338.584366][T14408] loop3: detected capacity change from 0 to 2048 [ 338.618697][T14408] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 338.710064][T14413] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 338.849576][ T5820] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 338.984878][T14419] trusted_key: encrypted_key: keylen parameter is missing [ 339.039726][ T5820] usb 2-1: Using ep0 maxpacket: 8 [ 339.048794][ T5820] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 339.073433][ T5820] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 339.104148][ T5820] usb 2-1: config 0 has no interface number 0 [ 339.129853][ T5820] usb 2-1: config 0 interface 52 has no altsetting 0 [ 339.152608][T14424] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3827'. [ 339.161733][ T5820] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 339.161763][ T5820] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.166933][ T5820] usb 2-1: config 0 descriptor?? [ 339.374686][T14433] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3830'. [ 339.629920][T14441] netlink: 256 bytes leftover after parsing attributes in process `syz.3.3836'. [ 339.683791][ T9] usb 2-1: USB disconnect, device number 20 [ 340.004794][T14454] sp0: Synchronizing with TNC [ 341.283940][T14480] loop0: detected capacity change from 0 to 32768 [ 341.524726][T14514] (unnamed net_device) (uninitialized): peer notification delay (31) is not a multiple of miimon (100), value rounded to 0 ms [ 341.708765][T14521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3873'. [ 341.737282][T14514] 8021q: adding VLAN 0 to HW filter on device bond0 [ 341.765057][T14521] netlink: 312 bytes leftover after parsing attributes in process `syz.2.3873'. [ 341.774637][T14517] netlink: 'syz.3.3872': attribute type 5 has an invalid length. [ 342.016747][T14531] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3879'. [ 342.455201][T14549] loop1: detected capacity change from 0 to 256 [ 342.686646][T14555] veth1_vlan: left allmulticast mode [ 342.781562][T14555] bridge2: left allmulticast mode [ 342.812558][T14555] bond3: left allmulticast mode [ 343.521514][T14586] IPv6: Can't replace route, no match found [ 343.565556][T14588] $H: renamed from bond0 (while UP) [ 343.603225][T14588] $H: entered promiscuous mode [ 343.619054][T14588] : entered promiscuous mode [ 343.634095][T14588] bond_slave_1: entered promiscuous mode [ 343.828440][T14578] loop2: detected capacity change from 0 to 40427 [ 343.850008][T14578] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 343.858113][T14578] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 343.890819][T14578] F2FS-fs (loop2): invalid crc value [ 343.939950][T14578] F2FS-fs (loop2): Found nat_bits in checkpoint [ 344.052991][T14578] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 344.079428][T14578] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 344.149081][T14606] loop3: detected capacity change from 0 to 256 [ 344.217070][T14606] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 344.295450][ T11] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 344.341992][ T11] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 344.371595][T14606] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 344.444872][T14612] loop1: detected capacity change from 0 to 256 [ 344.563896][T14612] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 0, start 00000001) [ 344.892618][T14624] netlink: 'syz.3.3923': attribute type 21 has an invalid length. [ 344.934016][T14624] netlink: 'syz.3.3923': attribute type 1 has an invalid length. [ 345.497579][T14648] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 345.508477][ T5848] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 345.677448][T14656] netlink: 'syz.3.3939': attribute type 2 has an invalid length. [ 345.699606][ T5848] usb 1-1: Using ep0 maxpacket: 16 [ 345.707538][ T5848] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 345.722250][ T5848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 345.751353][ T5848] usb 1-1: config 0 descriptor?? [ 345.758958][ T5848] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 345.886190][T14664] netlink: 'syz.1.3942': attribute type 1 has an invalid length. [ 345.970605][ T5848] usb 1-1: Detected FT232A [ 345.987620][ T5848] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 346.211979][ T5848] usb 1-1: USB disconnect, device number 19 [ 346.239172][ T5848] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 346.272647][ T5848] ftdi_sio 1-1:0.0: device disconnected [ 346.615542][T14692] cgroup: noprefix used incorrectly [ 346.747056][T14697] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3959'. [ 346.799402][ T5820] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 347.024645][ T5820] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 347.050551][ T5820] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 347.084652][ T5820] usb 3-1: Product: syz [ 347.091060][ T5820] usb 3-1: Manufacturer: syz [ 347.109524][ T5820] usb 3-1: SerialNumber: syz [ 347.130730][ T5820] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 347.167739][ T5820] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 347.240440][T14710] loop1: detected capacity change from 0 to 4096 [ 347.268687][T14710] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 347.327020][T14718] loop3: detected capacity change from 0 to 64 [ 347.345310][T14710] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 347.530608][T14720] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3971'. [ 347.540172][T14720] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3971'. [ 347.549575][ T23] usb 1-1: new full-speed USB device number 20 using dummy_hcd [ 347.664922][ T5848] usb 3-1: USB disconnect, device number 18 [ 347.762313][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 347.779355][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 347.789175][ T23] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 347.798832][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 347.811248][ T23] usb 1-1: config 0 descriptor?? [ 347.821873][ T23] hub 1-1:0.0: USB hub found [ 348.039469][ T9] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 348.050596][T14736] netlink: 88 bytes leftover after parsing attributes in process `syz.3.3979'. [ 348.066055][ T23] hub 1-1:0.0: 1 port detected [ 348.209765][T14740] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 348.239616][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 348.246679][ T9] usb 2-1: config 0 has an invalid interface number: 12 but max is 0 [ 348.259581][ T9] usb 2-1: config 0 has no interface number 0 [ 348.261441][ T23] hub 1-1:0.0: hub_hub_status failed (err = -71) [ 348.267892][ T9] usb 2-1: New USB device found, idVendor=1c04, idProduct=0015, bcdDevice=f7.bd [ 348.279313][ T5820] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 348.292441][ T23] hub 1-1:0.0: config failed, can't get hub status (err -71) [ 348.300055][ T5820] ath9k_htc: Failed to initialize the device [ 348.306306][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.317292][ T23] usbhid 1-1:0.0: can't add hid device: -71 [ 348.321153][ T5848] usb 3-1: ath9k_htc: USB layer deinitialized [ 348.338155][ T9] usb 2-1: Product: syz [ 348.343318][ T9] usb 2-1: Manufacturer: syz [ 348.347932][ T9] usb 2-1: SerialNumber: syz [ 348.349611][ T23] usbhid: probe of 1-1:0.0 failed with error -71 [ 348.368485][ T9] usb 2-1: config 0 descriptor?? [ 348.432603][ T23] usb 1-1: USB disconnect, device number 20 [ 348.625570][ T9] usb 2-1: USB disconnect, device number 21 [ 348.775513][T14754] loop2: detected capacity change from 0 to 8 [ 348.874387][ T28] audit: type=1800 audit(2000000188.169:170): pid=14754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3988" name="file1" dev="loop2" ino=5 res=0 errno=0 [ 349.138955][T14763] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 349.483708][T14777] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 349.907597][T14798] netlink: 'syz.1.4011': attribute type 10 has an invalid length. [ 349.925849][T14798] $H: left promiscuous mode [ 349.933615][T14798] bond_slave_0: left promiscuous mode [ 349.945361][T14798] bond_slave_1: left promiscuous mode [ 350.137359][T14808] loop1: detected capacity change from 0 to 1024 [ 350.309603][ T23] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 350.525382][ T23] usb 3-1: Using ep0 maxpacket: 32 [ 350.540847][ T23] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 350.557175][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.584178][ T23] usb 3-1: config 0 descriptor?? [ 350.604713][ T23] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 350.828060][T14836] loop1: detected capacity change from 0 to 64 [ 350.926686][T14838] loop0: detected capacity change from 0 to 512 [ 350.954170][T14838] EXT4-fs: Ignoring removed i_version option [ 350.969164][T14838] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 350.995402][T14838] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e12c, mo2=0002] [ 351.020983][T14838] System zones: 1-12 [ 351.030762][ T23] gspca_nw80x: reg_r err -71 [ 351.049120][T14838] EXT4-fs (loop0): orphan cleanup on readonly fs [ 351.057230][ T23] nw80x: probe of 3-1:0.0 failed with error -71 [ 351.084353][T14838] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.4030: invalid indirect mapped block 12 (level 1) [ 351.108625][ T23] usb 3-1: USB disconnect, device number 19 [ 351.124165][T14838] EXT4-fs (loop0): Remounting filesystem read-only [ 351.141614][T14838] EXT4-fs (loop0): 1 truncate cleaned up [ 351.187846][T14838] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 351.263999][ T28] audit: type=1326 audit(2000000190.559:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14847 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 351.306335][ T28] audit: type=1326 audit(2000000190.589:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14847 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 351.330691][ T28] audit: type=1326 audit(2000000190.589:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14847 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 351.333808][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 351.353599][ T28] audit: type=1326 audit(2000002768.595:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14847 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 351.401360][ T28] audit: type=1326 audit(2000002768.595:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14847 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 352.216864][T14882] loop3: detected capacity change from 0 to 256 [ 352.543936][T14895] (unnamed net_device) (uninitialized): option use_carrier: invalid value (13) [ 352.786486][T14908] loop2: detected capacity change from 0 to 24 [ 352.790535][T14909] loop0: detected capacity change from 0 to 256 [ 352.800432][T14908] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 352.820545][T14909] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 352.854302][T14908] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 352.941968][T14908] romfs: read error for inode 0x70040 [ 352.961895][T14911] loop3: detected capacity change from 0 to 128 [ 353.015792][T14913] netlink: 'syz.1.4066': attribute type 4 has an invalid length. [ 353.036109][T14913] netlink: 17 bytes leftover after parsing attributes in process `syz.1.4066'. [ 353.306802][ T28] audit: type=1326 audit(2000002770.596:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14918 comm="syz.1.4070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19d5d8e929 code=0x7ffc0000 [ 353.336703][ T28] audit: type=1326 audit(2000002770.596:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14918 comm="syz.1.4070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19d5d8e929 code=0x7ffc0000 [ 353.380651][T14922] bond4: entered promiscuous mode [ 353.385754][T14922] bond4: entered allmulticast mode [ 353.389331][ T28] audit: type=1326 audit(2000002770.616:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14918 comm="syz.1.4070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f19d5d8e929 code=0x7ffc0000 [ 353.391567][T14922] 8021q: adding VLAN 0 to HW filter on device bond4 [ 353.424939][T14917] loop2: detected capacity change from 0 to 4096 [ 353.448745][ T28] audit: type=1326 audit(2000002770.616:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14918 comm="syz.1.4070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19d5d8e929 code=0x7ffc0000 [ 353.450694][T14917] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 353.608683][T14917] ntfs3: loop2: ino=3, ntfs_set_state failed, -22. [ 353.629449][T14917] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 353.720572][T14932] loop1: detected capacity change from 0 to 512 [ 353.752471][T14917] ntfs3: loop2: ino=5, "/" directory corrupted [ 353.761240][T14932] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 353.796728][T14932] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002] [ 353.826287][T14932] EXT4-fs (loop1): orphan cleanup on readonly fs [ 353.833715][T14932] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.4075: bad orphan inode 267 [ 353.844922][T14932] EXT4-fs (loop1): Remounting filesystem read-only [ 353.853876][T14932] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 353.893926][T14932] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.4075: dx entry: limit 0 != root limit 125 [ 353.923856][ T12] ntfs3: loop2: ino=3, ntfs3_write_inode failed, -22. [ 353.945869][T14932] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.4075: Corrupt directory, running e2fsck is recommended [ 353.960289][ T5782] ntfs3: loop2: ino=3, ntfs_set_state failed, -22. [ 353.966839][ T5782] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 353.986868][ T5782] ntfs3: loop2: ino=3, ntfs_set_state failed, -22. [ 353.997459][ T12] ntfs3: loop2: ino=3, ntfs3_write_inode failed, -22. [ 354.116170][ T5780] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 354.118284][T14943] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4081'. [ 354.286548][T14949] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4082'. [ 354.629992][ T5821] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 354.849303][ T5821] usb 1-1: Using ep0 maxpacket: 8 [ 354.867430][ T5821] usb 1-1: config 0 has an invalid interface number: 150 but max is 0 [ 354.888154][ T5821] usb 1-1: config 0 has an invalid interface number: 112 but max is 0 [ 354.900854][ T5821] usb 1-1: config 0 has an invalid interface number: 3 but max is 0 [ 354.929251][ T5821] usb 1-1: config 0 has 3 interfaces, different from the descriptor's value: 1 [ 354.958643][ T5821] usb 1-1: config 0 has no interface number 0 [ 354.972984][ T5821] usb 1-1: config 0 has no interface number 1 [ 354.998256][ T5821] usb 1-1: config 0 has no interface number 2 [ 355.014846][ T5821] usb 1-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 355.021659][T14979] loop1: detected capacity change from 0 to 256 [ 355.047965][ T5821] usb 1-1: too many endpoints for config 0 interface 112 altsetting 233: 104, using maximum allowed: 30 [ 355.093157][ T5821] usb 1-1: config 0 interface 112 altsetting 233 has 1 endpoint descriptor, different from the interface descriptor's value: 104 [ 355.093196][ T5821] usb 1-1: config 0 interface 150 has no altsetting 0 [ 355.093214][ T5821] usb 1-1: config 0 interface 112 has no altsetting 0 [ 355.093252][ T5821] usb 1-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75 [ 355.093274][ T5821] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 355.095706][ T5821] usb 1-1: config 0 descriptor?? [ 355.097227][T14979] FAT-fs (loop1): Directory bread(block 64) failed [ 355.097260][T14979] FAT-fs (loop1): Directory bread(block 65) failed [ 355.097347][T14979] FAT-fs (loop1): Directory bread(block 66) failed [ 355.097371][T14979] FAT-fs (loop1): Directory bread(block 67) failed [ 355.097455][T14979] FAT-fs (loop1): Directory bread(block 68) failed [ 355.097479][T14979] FAT-fs (loop1): Directory bread(block 69) failed [ 355.097560][T14979] FAT-fs (loop1): Directory bread(block 70) failed [ 355.097584][T14979] FAT-fs (loop1): Directory bread(block 71) failed [ 355.097661][T14979] FAT-fs (loop1): Directory bread(block 72) failed [ 355.097683][T14979] FAT-fs (loop1): Directory bread(block 73) failed [ 355.460195][T14989] ip6t_srh: unknown srh invflags 7D00 [ 355.517971][ T5821] usb 1-1: string descriptor 0 read error: -71 [ 355.577105][ T5821] usb 1-1: USB disconnect, device number 21 [ 355.971897][T15007] loop1: detected capacity change from 0 to 256 [ 355.989797][T15007] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 356.171578][T15011] bond2: entered promiscuous mode [ 356.176664][T15011] bond2: entered allmulticast mode [ 356.182221][T15011] 8021q: adding VLAN 0 to HW filter on device bond2 [ 356.198845][ T5821] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 356.376431][T15022] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4119'. [ 356.388928][ T5821] usb 4-1: Using ep0 maxpacket: 8 [ 356.405362][T15022] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4119'. [ 356.413042][ T5821] usb 4-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb [ 356.421362][T15022] tc_dump_action: action bad kind [ 356.441040][ T5821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 356.458739][ T5821] usb 4-1: Product: syz [ 356.462944][ T5821] usb 4-1: Manufacturer: syz [ 356.467549][ T5821] usb 4-1: SerialNumber: syz [ 356.948801][ T5821] mxuport 4-1:254.0: mxuport_recv_ctrl_urb - usb_control_msg failed (-71) [ 356.962055][ T5821] mxuport: probe of 4-1:254.0 failed with error -5 [ 356.967846][T15042] loop1: detected capacity change from 0 to 256 [ 356.979857][ T5821] usb 4-1: USB disconnect, device number 22 [ 357.048961][T15046] IPv6: NLM_F_REPLACE set, but no existing node found! [ 357.071180][T15042] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 357.337957][T15052] loop2: detected capacity change from 0 to 256 [ 357.425108][T15052] FAT-fs (loop2): Directory bread(block 64) failed [ 357.432013][T15052] FAT-fs (loop2): Directory bread(block 65) failed [ 357.454167][T15052] FAT-fs (loop2): Directory bread(block 66) failed [ 357.468869][T15052] FAT-fs (loop2): Directory bread(block 67) failed [ 357.475613][T15052] FAT-fs (loop2): Directory bread(block 68) failed [ 357.488775][T15052] FAT-fs (loop2): Directory bread(block 69) failed [ 357.499328][T15052] FAT-fs (loop2): Directory bread(block 70) failed [ 357.505976][T15052] FAT-fs (loop2): Directory bread(block 71) failed [ 357.558458][T15052] FAT-fs (loop2): Directory bread(block 72) failed [ 357.565228][T15052] FAT-fs (loop2): Directory bread(block 73) failed [ 357.706443][T15044] loop0: detected capacity change from 0 to 32768 [ 357.796724][T15062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4139'. [ 357.797036][T15044] jfs_lookup: iget failed on inum 32 [ 357.805801][T15062] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4139'. [ 357.842551][T15044] jfs_lookup: iget failed on inum 32 [ 358.652982][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 358.652997][ T28] audit: type=1326 audit(2000002775.946:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15089 comm="syz.0.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 358.714430][ T28] audit: type=1326 audit(2000002775.946:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15089 comm="syz.0.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 358.819734][ T28] audit: type=1326 audit(2000002775.986:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15089 comm="syz.0.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 358.906538][ T28] audit: type=1326 audit(2000002775.986:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15089 comm="syz.0.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 358.965888][ T28] audit: type=1326 audit(2000002775.986:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15089 comm="syz.0.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 359.160267][T15109] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4162'. [ 359.192637][T15109] openvswitch: netlink: Key type 2832 is out of range max 32 [ 359.785102][T15135] loop3: detected capacity change from 0 to 1024 [ 360.318634][T15160] libceph: resolve '0' (ret=-3): failed [ 360.368471][T15165] binder: 15164:15165 ioctl c018620c 200000000100 returned -1 [ 360.816180][T15184] loop2: detected capacity change from 0 to 128 [ 360.842044][T15179] loop3: detected capacity change from 0 to 4096 [ 360.889236][T15179] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 361.410319][T15202] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4206'. [ 361.456200][T15202] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4206'. [ 361.492130][T15204] loop0: detected capacity change from 0 to 2048 [ 361.557631][T15204] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 361.581478][T15213] devtmpfs: Unknown parameter 'GPL' [ 361.674702][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.758405][ T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 361.967230][ T9] usb 2-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 361.978435][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 361.986457][ T9] usb 2-1: Product: syz [ 361.992145][ T9] usb 2-1: Manufacturer: syz [ 361.997054][ T9] usb 2-1: SerialNumber: syz [ 362.020498][ T9] usb 2-1: config 0 descriptor?? [ 362.171711][ T5834] usb 4-1: new full-speed USB device number 23 using dummy_hcd [ 362.263752][ T9] int51x1: probe of 2-1:0.0 failed with error -22 [ 362.390286][ T5834] usb 4-1: config 8 has an invalid interface number: 223 but max is 0 [ 362.402473][ T5834] usb 4-1: config 8 contains an unexpected descriptor of type 0x1, skipping [ 362.412289][ T5834] usb 4-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 362.433240][ T5834] usb 4-1: config 8 has no interface number 0 [ 362.448081][ T5834] usb 4-1: config 8 interface 223 altsetting 0 endpoint 0x7 has invalid maxpacket 15872, setting to 64 [ 362.461901][ T5834] usb 4-1: config 8 interface 223 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 362.479812][ T5834] usb 4-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 362.490036][ T5834] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 362.508321][ T9] usb 2-1: USB disconnect, device number 22 [ 362.520113][ T5834] usb 4-1: Product: syz [ 362.524330][ T5834] usb 4-1: Manufacturer: syz [ 362.559496][ T5834] usb 4-1: SerialNumber: syz [ 362.790777][T15255] netlink: 'syz.2.4230': attribute type 4 has an invalid length. [ 362.824703][ T5834] usb 4-1: USB disconnect, device number 23 [ 362.872150][T15257] deleting an unspecified loop device is not supported. [ 363.001794][T15261] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4234'. [ 363.013901][T15261] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4234'. [ 363.025900][T15261] netlink: 31 bytes leftover after parsing attributes in process `syz.2.4234'. [ 363.037426][T15261] netlink: 'syz.2.4234': attribute type 3 has an invalid length. [ 363.071053][T15261] netlink: 'syz.2.4234': attribute type 2 has an invalid length. [ 363.092335][T15261] netlink: 31 bytes leftover after parsing attributes in process `syz.2.4234'. [ 363.518617][T15275] loop2: detected capacity change from 0 to 4096 [ 363.976320][T15295] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 364.161435][T15298] loop2: detected capacity change from 0 to 1024 [ 364.187095][T15277] loop1: detected capacity change from 0 to 32768 [ 364.216797][T15298] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 364.309609][T15277] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 364.495436][T15298] EXT4-fs warning (device loop2): empty_inline_dir:1838: bad inline directory (dir #12) - no `..' [ 364.556773][T15322] loop3: detected capacity change from 0 to 256 [ 364.580783][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.602482][T15322] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 364.763332][T15324] netlink: 22 bytes leftover after parsing attributes in process `syz.0.4259'. [ 364.806376][T15277] XFS (loop1): Ending clean mount [ 364.830628][T15277] XFS (loop1): Quotacheck needed: Please wait. [ 365.023735][T15334] netlink: 'syz.2.4263': attribute type 10 has an invalid length. [ 365.049730][T15277] XFS (loop1): Quotacheck: Done. [ 365.175988][T15330] loop3: detected capacity change from 0 to 4096 [ 365.263770][ T5780] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 365.269719][T15330] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 365.596762][T15348] overlayfs: conflicting options: userxattr,redirect_dir=on [ 366.129071][T15370] netlink: 156 bytes leftover after parsing attributes in process `syz.0.4282'. [ 366.354033][ T28] audit: type=1326 audit(2000002783.637:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.2.4287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 366.404232][ T28] audit: type=1326 audit(2000002783.637:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.2.4287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 366.498455][ T28] audit: type=1326 audit(2000002783.647:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.2.4287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 366.607611][ T28] audit: type=1326 audit(2000002783.647:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.2.4287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 366.658492][T15388] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (2878) [ 366.669335][ T28] audit: type=1326 audit(2000002783.647:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.2.4287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9298e929 code=0x7ffc0000 [ 366.697563][T15388] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 366.940651][T15390] loop0: detected capacity change from 0 to 4096 [ 366.981951][T15390] ntfs3: loop0: ino=3, Correct links count -> 2. [ 367.534460][T15410] xt_CT: You must specify a L4 protocol and not use inversions on it [ 367.541978][T15378] loop3: detected capacity change from 0 to 40427 [ 367.582041][T15378] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff [ 367.620597][T15412] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4302'. [ 367.629970][T15378] F2FS-fs (loop3): Image doesn't support compression [ 367.658149][T15378] F2FS-fs (loop3): Image doesn't support compression [ 367.701155][T15378] F2FS-fs (loop3): invalid crc value [ 367.785291][T15378] F2FS-fs (loop3): Found nat_bits in checkpoint [ 367.926974][T15378] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 368.031353][T15378] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff [ 368.045630][ T28] audit: type=1326 audit(2000002785.337:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15425 comm="syz.0.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 368.060655][T15378] F2FS-fs (loop3): Image doesn't support compression [ 368.085417][T15378] F2FS-fs (loop3): Image doesn't support compression [ 368.096314][ T28] audit: type=1326 audit(2000002785.337:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15425 comm="syz.0.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 368.145170][ T28] audit: type=1326 audit(2000002785.377:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15425 comm="syz.0.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 368.175634][ T28] audit: type=1326 audit(2000002785.377:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15425 comm="syz.0.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 368.275665][ T28] audit: type=1326 audit(2000002785.377:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15425 comm="syz.0.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 368.762247][T15452] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 368.849297][T15454] netlink: 'syz.3.4314': attribute type 3 has an invalid length. [ 368.926531][T15458] netlink: 129384 bytes leftover after parsing attributes in process `syz.0.4326'. [ 368.967000][T15462] netlink: 'syz.1.4325': attribute type 6 has an invalid length. [ 369.140697][T15468] loop2: detected capacity change from 0 to 256 [ 369.212036][T15468] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 369.417370][T15478] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4334'. [ 369.755161][T15484] xt_hashlimit: max too large, truncated to 1048576 [ 369.839838][T15488] loop0: detected capacity change from 0 to 256 [ 369.885596][T15486] bond0: Error: Cannot enslave bond to itself. [ 369.922125][T15488] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x467a0815, utbl_chksum : 0xe619d30d) [ 369.977445][T15488] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 370.050760][T15494] loop3: detected capacity change from 0 to 256 [ 370.140439][T15494] FAT-fs (loop3): Directory bread(block 64) failed [ 370.157297][T15494] FAT-fs (loop3): Directory bread(block 65) failed [ 370.163991][T15494] FAT-fs (loop3): Directory bread(block 66) failed [ 370.227217][T15494] FAT-fs (loop3): Directory bread(block 67) failed [ 370.234451][T15494] FAT-fs (loop3): Directory bread(block 68) failed [ 370.260526][T15494] FAT-fs (loop3): Directory bread(block 69) failed [ 370.276631][T15494] FAT-fs (loop3): Directory bread(block 70) failed [ 370.294086][T15494] FAT-fs (loop3): Directory bread(block 71) failed [ 370.314094][T15494] FAT-fs (loop3): Directory bread(block 72) failed [ 370.339129][T15494] FAT-fs (loop3): Directory bread(block 73) failed [ 370.474485][ T59] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.597114][ T5848] usb 2-1: new full-speed USB device number 23 using dummy_hcd [ 370.617451][ T59] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.766896][ T59] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.827184][ T5848] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 370.863652][ T5848] usb 2-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 370.881922][ T5848] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 370.917069][ T5848] usb 2-1: Product: syz [ 370.921291][ T5848] usb 2-1: Manufacturer: syz [ 370.937166][ T5848] usb 2-1: SerialNumber: syz [ 370.945537][ T59] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.965578][ T5848] usb 2-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 371.076480][T15511] loop0: detected capacity change from 0 to 128 [ 371.183025][T15511] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 371.240969][T15511] ext4 filesystem being mounted at /1138/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 371.308894][ T5103] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 371.322423][ T5103] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 371.331748][ T5103] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 371.357252][ T5103] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 371.368558][ T5103] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 371.376319][ T5103] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 371.421570][ T5785] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 371.431931][ T5785] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 371.439593][ T5785] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 371.446116][ T5781] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 371.449250][ T5848] usb 2-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 371.476940][ T5785] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 371.487297][ T5785] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 371.508459][ T5785] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 371.525236][ T5848] usb 2-1: USB disconnect, device number 23 [ 371.865537][T15516] lo speed is unknown, defaulting to 1000 [ 372.066963][ T5848] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 372.259830][ T5848] usb 1-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 213 [ 372.272598][ T54] usb 2-1: new full-speed USB device number 24 using dummy_hcd [ 372.290721][ T5848] usb 1-1: config 0 has an invalid descriptor of length 163, skipping remainder of the config [ 372.312047][ T5848] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4 [ 372.344664][ T5848] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 372.364583][ T5848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 372.385832][ T5848] usb 1-1: Product: syz [ 372.400517][ T5848] usb 1-1: Manufacturer: syz [ 372.416110][ T5848] usb 1-1: SerialNumber: syz [ 372.450573][ T5848] usb 1-1: config 0 descriptor?? [ 372.469276][ T5848] usb-storage 1-1:0.0: USB Mass Storage device detected [ 372.478028][ T54] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 372.488372][ T54] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 372.511604][ T5848] usb-storage 1-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 372.528814][ T54] usb 2-1: config 0 descriptor?? [ 372.562765][ T54] cp210x 2-1:0.0: cp210x converter detected [ 372.683934][T15553] loop3: detected capacity change from 0 to 256 [ 372.718533][T15553] exfat: Deprecated parameter 'namecase' [ 372.724286][T15553] exfat: Deprecated parameter 'namecase' [ 372.770216][ T5820] usb 1-1: USB disconnect, device number 22 [ 372.819497][T15553] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 372.968786][T15553] UBIFS error (pid: 15553): cannot open "./file0", error -22 [ 373.005185][ T54] cp210x 2-1:0.0: failed to get vendor val 0x370c size 13: -71 [ 373.038273][ T54] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 373.050451][ T54] usb 2-1: cp210x converter now attached to ttyUSB0 [ 373.088538][ T54] usb 2-1: USB disconnect, device number 24 [ 373.125599][ T54] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 373.148497][ T54] cp210x 2-1:0.0: device disconnected [ 373.251340][ T59] IPVS: stopping backup sync thread 8115 ... [ 373.357339][T15565] loop3: detected capacity change from 0 to 1024 [ 373.404632][T15565] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 373.504600][T15565] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 373.531283][T15516] chnl_net:caif_netlink_parms(): no params data found [ 373.550889][ T5103] Bluetooth: hci2: command tx timeout [ 373.576980][T15565] EXT4-fs (loop3): Remounting filesystem read-only [ 373.584770][T15565] EXT4-fs warning (device loop3): ext4_xattr_inode_lookup_create:1614: inode #18: comm syz.3.4367: cleanup dec ref error -28 [ 373.808034][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.131422][T15588] netlink: 288 bytes leftover after parsing attributes in process `syz.1.4373'. [ 374.167679][T15592] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 374.354716][T15604] loop0: detected capacity change from 0 to 128 [ 374.377651][T15604] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 374.405740][T15606] SET target dimension over the limit! [ 374.426136][T15604] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 374.447720][T15516] bridge0: port 1(bridge_slave_0) entered blocking state [ 374.458815][T15516] bridge0: port 1(bridge_slave_0) entered disabled state [ 374.466084][T15516] bridge_slave_0: entered allmulticast mode [ 374.515976][T15516] bridge_slave_0: entered promiscuous mode [ 374.556875][T15516] bridge0: port 2(bridge_slave_1) entered blocking state [ 374.564113][T15516] bridge0: port 2(bridge_slave_1) entered disabled state [ 374.622209][T15516] bridge_slave_1: entered allmulticast mode [ 374.654470][T15516] bridge_slave_1: entered promiscuous mode [ 374.816201][T15614] UBIFS error (pid: 15614): cannot open "./file0", error -22 [ 375.013460][T15516] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 375.092964][T15622] Cannot find del_set index 6 as target [ 375.121888][T15516] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 375.425386][ T59] hsr_slave_0: left promiscuous mode [ 375.506607][ T59] hsr_slave_1: left promiscuous mode [ 375.548447][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 375.556006][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 375.590263][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 375.606791][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 375.620375][ T59] bridge_slave_1: left allmulticast mode [ 375.626211][ T59] bridge_slave_1: left promiscuous mode [ 375.632521][ T5103] Bluetooth: hci2: command tx timeout [ 375.653587][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 375.719514][ T59] bridge_slave_0: left allmulticast mode [ 375.725216][ T59] bridge_slave_0: left promiscuous mode [ 375.752563][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 375.799196][T15642] loop0: detected capacity change from 0 to 4096 [ 375.858191][ T59] veth1_macvtap: left promiscuous mode [ 375.864710][ T59] veth0_macvtap: left promiscuous mode [ 375.889353][ T59] veth1_vlan: left promiscuous mode [ 376.479394][ T59] bond2 (unregistering): Released all slaves [ 376.915281][ T59] bond1 (unregistering): Released all slaves [ 377.471439][T15670] loop0: detected capacity change from 0 to 32768 [ 377.500245][T15670] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 377.613783][T15670] XFS (loop0): Ending clean mount [ 377.706605][ T5103] Bluetooth: hci2: command tx timeout [ 377.755734][ T5781] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 377.823572][ T59] team0 (unregistering): Port device team_slave_1 removed [ 377.985127][ T59] team0 (unregistering): Port device C removed [ 378.071211][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 378.123648][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 378.641143][ T59] bond0 (unregistering): Released all slaves [ 378.733425][T15516] team0: Port device team_slave_0 added [ 378.743942][T15516] team0: Port device team_slave_1 added [ 378.762106][T15638] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 46261 - 0 [ 378.772730][T15638] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 46261 - 0 [ 378.806251][T15638] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 46261 - 0 [ 378.815093][T15638] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 46261 - 0 [ 378.837489][T15638] netdevsim netdevsim3 netdevsim0: set [1, 2] type 2 family 0 port 44884 - 0 [ 378.846403][T15638] netdevsim netdevsim3 netdevsim1: set [1, 2] type 2 family 0 port 44884 - 0 [ 378.855201][T15638] netdevsim netdevsim3 netdevsim2: set [1, 2] type 2 family 0 port 44884 - 0 [ 378.864047][T15638] netdevsim netdevsim3 netdevsim3: set [1, 2] type 2 family 0 port 44884 - 0 [ 378.873101][T15638] geneve2: entered promiscuous mode [ 378.878526][T15638] geneve2: entered allmulticast mode [ 379.061756][T15516] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 379.070922][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.077999][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.117545][T15516] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 379.151040][T15516] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 379.164122][T15516] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 379.208483][T15516] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 379.234387][ C1] vkms_vblank_simulate: vblank timer overrun [ 379.280770][T15516] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 379.426200][T15516] hsr_slave_0: entered promiscuous mode [ 379.466392][T15516] hsr_slave_1: entered promiscuous mode [ 379.476848][T15516] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 379.484482][T15516] Cannot create hsr debugfs directory [ 379.789898][ T5103] Bluetooth: hci2: command tx timeout [ 380.290554][T15725] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4422'. [ 380.359496][T15516] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 380.424685][T15516] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 380.469366][T15516] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 380.533737][T15516] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 380.806566][T15757] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4432'. [ 380.910498][T15516] 8021q: adding VLAN 0 to HW filter on device bond0 [ 380.994039][T15516] 8021q: adding VLAN 0 to HW filter on device team0 [ 381.044382][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 381.051595][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 381.102557][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 381.111853][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 381.833491][T15516] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 382.016146][ T9] usb 4-1: new low-speed USB device number 24 using dummy_hcd [ 382.089738][T15807] loop0: detected capacity change from 0 to 256 [ 382.230484][ T9] usb 4-1: New USB device found, idVendor=046d, idProduct=08b1, bcdDevice=6d.2a [ 382.252527][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.306916][ T9] usb 4-1: config 0 descriptor?? [ 382.326725][ T9] pwc: Logitech QuickCam Notebook Pro USB webcam detected. [ 382.435762][T15818] i2c i2c-0: Invalid block write size 34 [ 382.531867][ T9] pwc: Failed to set LED on/off time (-71) [ 382.571819][ T9] pwc: send_video_command error -71 [ 382.596664][ T9] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 382.604294][ T9] Philips webcam: probe of 4-1:0.0 failed with error -71 [ 382.642490][ T9] usb 4-1: USB disconnect, device number 24 [ 382.652087][T15516] veth0_vlan: entered promiscuous mode [ 382.681628][T15516] veth1_vlan: entered promiscuous mode [ 382.721849][T15516] veth0_macvtap: entered promiscuous mode [ 382.735405][T15516] veth1_macvtap: entered promiscuous mode [ 382.763467][T15516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 382.775066][T15516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 382.786426][T15516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 382.797103][T15516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 382.805707][ T5848] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 382.807105][T15516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 382.825252][T15516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 382.842753][T15516] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 382.863574][T15516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 382.874477][T15516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 382.884486][T15516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 382.894992][T15516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 382.905090][T15516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 382.916712][T15516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 382.927029][ T5820] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 382.932694][T15516] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 382.952465][T15516] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.962345][T15516] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.971874][T15516] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.980905][T15516] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.999523][ T5848] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 383.009838][ T5848] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.017999][ T5848] usb 2-1: Product: syz [ 383.022735][ T5848] usb 2-1: Manufacturer: syz [ 383.037066][ T5848] usb 2-1: SerialNumber: syz [ 383.092820][ T5848] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 383.128583][ T5820] usb 1-1: unable to get BOS descriptor or descriptor too short [ 383.138262][ T54] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 383.178796][ T5820] usb 1-1: config 4 has an invalid interface number: 196 but max is 0 [ 383.180351][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 383.209101][ T5820] usb 1-1: config 4 has no interface number 0 [ 383.215260][ T5820] usb 1-1: config 4 interface 196 has no altsetting 0 [ 383.235481][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 383.248992][ T5820] usb 1-1: New USB device found, idVendor=0471, idProduct=209e, bcdDevice=b6.64 [ 383.277377][T15829] tmpfs: Bad value for 'mpol' [ 383.282708][ T5820] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.325529][ T5820] usb 1-1: Product: syz [ 383.336232][ T5820] usb 1-1: Manufacturer: syz [ 383.349163][ T1315] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 383.358173][ T5820] usb 1-1: SerialNumber: syz [ 383.405980][ T1315] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 383.471336][T15832] misc userio: The device must be registered before sending interrupts [ 383.622706][ T5820] usb 1-1: ath9k_htc: Device endpoint numbers are not the expected ones [ 383.661201][ T5834] usb 2-1: USB disconnect, device number 25 [ 383.709169][ T5820] usb 1-1: USB disconnect, device number 23 [ 383.718396][T15836] loop4: detected capacity change from 0 to 512 [ 383.738543][T15836] ext4: Unknown parameter 'permit_directio' [ 384.265548][ T54] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 384.293009][ T54] ath9k_htc: Failed to initialize the device [ 384.351393][ T5834] usb 2-1: ath9k_htc: USB layer deinitialized [ 384.469645][T15862] netlink: 'syz.0.4464': attribute type 10 has an invalid length. [ 384.571412][T15862] bridge0: port 4(team0) entered disabled state [ 384.632238][T15862] team0: left allmulticast mode [ 384.638061][T15862] team_slave_0: left allmulticast mode [ 384.645769][T15862] team_slave_1: left allmulticast mode [ 384.652488][T15868] loop1: detected capacity change from 0 to 256 [ 384.660249][T15862] team0: left promiscuous mode [ 384.665161][T15862] team_slave_0: left promiscuous mode [ 384.691284][T15862] team_slave_1: left promiscuous mode [ 384.713638][T15862] bridge0: port 4(team0) entered disabled state [ 384.789406][T15862] batman_adv: batadv0: Adding interface: team0 [ 384.813323][T15862] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 384.868194][T15862] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 384.998568][T15878] netlink: 3 bytes leftover after parsing attributes in process `syz.1.4471'. [ 385.324182][T15889] loop3: detected capacity change from 0 to 8 [ 386.216541][T15921] netlink: 'syz.4.4486': attribute type 7 has an invalid length. [ 386.862520][T15943] 9pnet_fd: p9_fd_create_tcp (15943): problem connecting socket to 127.0.0.1 [ 387.766725][ C1] sd 0:0:1:0: [sda] tag#396 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 387.777237][ C1] sd 0:0:1:0: [sda] tag#396 CDB: Read(6) 08 00 9f d1 fe de [ 388.616250][T16008] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.798265][T16011] vxcan3: entered promiscuous mode [ 388.813729][T16011] vxcan3: entered allmulticast mode [ 388.895508][T16013] loop3: detected capacity change from 0 to 1756 [ 388.907680][T15985] loop1: detected capacity change from 0 to 40427 [ 388.934569][T15994] loop4: detected capacity change from 0 to 32768 [ 388.959657][T15985] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 388.993666][T15985] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 389.028061][T15985] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x7ffff [ 389.065781][T16023] netlink: 452 bytes leftover after parsing attributes in process `syz.0.4522'. [ 389.096866][T15985] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x6 [ 389.142047][T15985] F2FS-fs (loop1): invalid crc value [ 389.149605][T15994] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 389.201260][T15985] F2FS-fs (loop1): Found nat_bits in checkpoint [ 389.254186][T16013] affs: No valid root block on device nbd3 [ 389.332707][T15985] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 389.405144][T15985] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 389.495319][T15994] XFS (loop4): Ending clean mount [ 389.534837][T15994] XFS (loop4): Quotacheck needed: Please wait. [ 389.627086][ T5780] syz-executor: attempt to access beyond end of device [ 389.627086][ T5780] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 389.635358][ T5821] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 389.691001][T15994] XFS (loop4): Quotacheck: Done. [ 389.704323][ T5780] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 389.795978][T16043] loop3: detected capacity change from 0 to 1764 [ 389.869798][T15516] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 389.875878][ T5821] usb 1-1: Using ep0 maxpacket: 8 [ 389.908932][ T5821] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 389.940188][ T5821] usb 1-1: config 0 has no interface number 0 [ 389.949366][ T5821] usb 1-1: config 0 interface 1 has no altsetting 0 [ 389.968731][ T5821] usb 1-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=70.2f [ 389.996171][ T5821] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 390.004237][ T5821] usb 1-1: Product: syz [ 390.050049][ T5821] usb 1-1: Manufacturer: syz [ 390.054707][ T5821] usb 1-1: SerialNumber: syz [ 390.079447][ T5821] usb 1-1: config 0 descriptor?? [ 390.163609][T16046] loop3: detected capacity change from 0 to 47 [ 390.334944][ T5821] i2c-cp2615: probe of 1-1:0.1 failed with error -22 [ 390.650874][ T5821] usb 1-1: USB disconnect, device number 24 [ 390.715924][T16060] loop1: detected capacity change from 0 to 256 [ 390.723406][T16060] exfat: Deprecated parameter 'utf8' [ 390.754407][T16060] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x7b823c56, utbl_chksum : 0xe619d30d) [ 390.768330][T16061] x_tables: ip_tables: TCPMSS target: only valid for protocol 6 [ 391.268828][T16081] netlink: 164 bytes leftover after parsing attributes in process `syz.4.4545'. [ 391.278298][ T5821] usb 2-1: new full-speed USB device number 26 using dummy_hcd [ 391.319164][T16084] No such timeout policy "syz1" [ 391.468648][ T5821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 391.501470][ T5821] usb 2-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f [ 391.521301][ T5821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.554376][ T5821] usb 2-1: Product: syz [ 391.564738][ T5821] usb 2-1: Manufacturer: syz [ 391.583403][ T5821] usb 2-1: SerialNumber: syz [ 391.590211][T16095] netlink: 'syz.3.4550': attribute type 32 has an invalid length. [ 391.600494][ T5821] usb 2-1: config 0 descriptor?? [ 391.638672][ T5821] hub 2-1:0.0: bad descriptor, ignoring hub [ 391.658061][ T5821] hub: probe of 2-1:0.0 failed with error -5 [ 391.684091][ T5821] usb 2-1: Quirk or no altest; falling back to MIDI 1.0 [ 391.719583][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 391.719599][ T28] audit: type=1326 audit(2000002809.022:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16096 comm="syz.4.4551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3237b8e929 code=0x7ffc0000 [ 391.767177][ T5821] snd-usb-audio: probe of 2-1:0.0 failed with error -2 [ 391.780515][ T28] audit: type=1326 audit(2000002809.022:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16096 comm="syz.4.4551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3237b8e929 code=0x7ffc0000 [ 391.814181][ T28] audit: type=1326 audit(2000002809.022:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16096 comm="syz.4.4551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f3237b8e929 code=0x7ffc0000 [ 391.832340][T15520] udevd[15520]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 391.890363][ T28] audit: type=1326 audit(2000002809.032:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16096 comm="syz.4.4551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3237b8e929 code=0x7ffc0000 [ 392.120177][T16113] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 392.135338][ T27] usb 2-1: USB disconnect, device number 26 [ 392.807927][T16139] openvswitch: netlink: Message has 8 unknown bytes. [ 392.856213][T16143] cgroup: Invalid name [ 392.860872][T16137] loop4: detected capacity change from 0 to 4096 [ 393.089026][ T28] audit: type=1326 audit(2000002810.392:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.3.4578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 393.169392][ T28] audit: type=1326 audit(2000002810.392:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.3.4578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 393.261695][ T28] audit: type=1326 audit(2000002810.422:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.3.4578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 393.323656][ T28] audit: type=1326 audit(2000002810.422:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.3.4578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 394.044097][T16190] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 394.077150][T16190] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 394.095247][T16190] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 394.118172][T16193] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4597'. [ 394.122249][T16194] loop4: detected capacity change from 0 to 256 [ 394.365287][T16196] loop3: detected capacity change from 0 to 4096 [ 395.165552][ T27] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 395.272926][T16239] tmpfs: Unknown parameter 'func' [ 395.309762][T16236] loop0: detected capacity change from 0 to 4096 [ 395.362607][T16236] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 395.375039][ T27] usb 5-1: Using ep0 maxpacket: 8 [ 395.392459][ T27] usb 5-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 395.422940][ T27] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 395.445083][ T27] usb 5-1: Product: syz [ 395.456703][ T27] usb 5-1: Manufacturer: syz [ 395.471600][ T27] usb 5-1: SerialNumber: syz [ 395.488396][ T27] usb 5-1: config 0 descriptor?? [ 395.498497][ T27] radio-usb-si4713 5-1:0.0: Si4713 development board discovered: (10C4:8244) [ 395.507902][T16236] ntfs3: loop0: Failed to load $Extend (-22). [ 395.514091][T16236] ntfs3: loop0: Failed to initialize $Extend. [ 395.619078][T16236] ntfs3: loop0: ino=1b, "file0" The size of extended attributes must not exceed 64KiB [ 395.836903][T16249] loop1: detected capacity change from 0 to 2048 [ 395.882492][ T28] audit: type=1326 audit(2000002813.182:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16251 comm="syz.0.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 395.908266][T16249] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 395.939167][ T28] audit: type=1326 audit(2000002813.212:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16251 comm="syz.0.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daf18e929 code=0x7ffc0000 [ 395.961513][ C0] vkms_vblank_simulate: vblank timer overrun [ 395.963794][ T27] radio-usb-si4713: probe of 5-1:0.0 failed with error -71 [ 396.026841][ T27] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 396.092476][ T27] usb 5-1: USB disconnect, device number 2 [ 396.096888][T16255] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 396.105766][T16255] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 396.289548][T16245] loop3: detected capacity change from 0 to 32768 [ 396.736568][T16269] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 396.825134][ T27] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 397.018713][T16259] loop0: detected capacity change from 0 to 32768 [ 397.030237][ T27] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 397.057263][ T27] usb 2-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=22.7e [ 397.079183][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 397.099813][ T27] usb 2-1: Product: syz [ 397.112238][T16259] syz.0.4626: attempt to access beyond end of device [ 397.112238][T16259] loop0: rw=1, sector=4701696, nr_sectors = 8 limit=32768 [ 397.116471][ T27] usb 2-1: Manufacturer: syz [ 397.138673][T16259] metapage_write_end_io: I/O error [ 397.148968][ T27] usb 2-1: SerialNumber: syz [ 397.153312][T16259] ERROR: (device loop0): diWrite: ixpxd invalid [ 397.153312][T16259] [ 397.177252][T16259] ERROR: (device loop0): remounting filesystem as read-only [ 397.184745][T16259] ERROR: (device loop0): txCommit: [ 397.184745][T16259] [ 397.202125][T16259] blkno = 8f7c0, nblocks = 1 [ 397.208977][T16259] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map [ 397.208977][T16259] [ 397.224656][T16259] ERROR: (device loop0): dbAllocNext: Corrupt dmap page [ 397.224656][T16259] [ 397.239838][T16259] ialloc: diAlloc returned -5! [ 397.321411][ T5781] syz-executor: attempt to access beyond end of device [ 397.321411][ T5781] loop0: rw=1, sector=4701696, nr_sectors = 8 limit=32768 [ 397.340506][ T5781] metapage_write_end_io: I/O error [ 397.389252][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 397.389267][ T28] audit: type=1326 audit(2000002814.692:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3237b8e929 code=0x7ffc0000 [ 397.461426][T16268] loop3: detected capacity change from 0 to 32768 [ 397.468912][ T28] audit: type=1326 audit(2000002814.692:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3237b8e929 code=0x7ffc0000 [ 397.513880][ T28] audit: type=1326 audit(2000002814.742:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f3237b8e929 code=0x7ffc0000 [ 397.577560][T16268] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 397.614737][ T27] usb 2-1: probing VID:PID(0424:012C) ẜ垛䤾ꆟἉ苊꜁᭖迎涯ὠ聑裼督ꪔ [ 397.631228][ T28] audit: type=1326 audit(2000002814.742:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3237b8e929 code=0x7ffc0000 [ 397.667096][T16268] XFS (loop3): Ending clean mount [ 397.682534][ T27] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs [ 397.764442][ T5783] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 397.783039][ T28] audit: type=1326 audit(2000002814.742:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3237b8e929 code=0x7ffc0000 [ 397.821734][ T27] vub300: probe of 2-1:2.0 failed with error -22 [ 397.890923][ T27] usb 2-1: USB disconnect, device number 27 [ 398.428994][T16304] loop3: detected capacity change from 0 to 256 [ 398.454720][T16304] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 398.457463][T16301] loop0: detected capacity change from 0 to 4096 [ 398.471830][T16305] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4644'. [ 398.505625][T16305] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4644'. [ 398.539075][T16301] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 399.085903][T16321] netlink: 'syz.3.4652': attribute type 12 has an invalid length. [ 399.486821][T16343] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 399.493334][T16343] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 399.493778][T16344] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2 [ 399.534267][T16344] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file0 [ 399.615134][ T54] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 399.826998][ T54] usb 1-1: Using ep0 maxpacket: 8 [ 399.839150][ T54] usb 1-1: config 1 has an invalid interface number: 128 but max is 1 [ 399.848335][ T54] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 399.871416][ T54] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 399.891488][ T54] usb 1-1: config 1 has no interface number 0 [ 399.903660][ T54] usb 1-1: config 1 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 399.956081][ T54] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 399.975036][ T54] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 399.993273][ T54] usb 1-1: Product: syz [ 400.003422][ T54] usb 1-1: Manufacturer: syz [ 400.013548][ T54] usb 1-1: SerialNumber: syz [ 400.036188][ T54] cdc_wdm 1-1:1.128: skipping garbage [ 400.043926][ T54] cdc_wdm 1-1:1.128: invalid descriptor buffer length [ 400.059555][ T54] cdc_wdm: probe of 1-1:1.128 failed with error -22 [ 400.219977][T16367] loop3: detected capacity change from 0 to 4096 [ 400.275515][T16367] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 400.300647][ T54] usb 1-1: USB disconnect, device number 25 [ 400.333819][T16367] ntfs3: loop3: Failed to load $Extend (-22). [ 400.363842][T16367] ntfs3: loop3: Failed to initialize $Extend. [ 400.479914][T16367] ntfs3: loop3: ino=1b, "file0" The size of extended attributes must not exceed 64KiB [ 400.531023][T16380] program syz.1.4672 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 401.630866][T16418] loop4: detected capacity change from 0 to 4096 [ 401.660263][T16418] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 401.810702][T16401] loop0: detected capacity change from 0 to 32768 [ 401.837135][T16418] ntfs3: loop4: failed to convert "c46c" to cp866 [ 401.847336][T16401] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop0 scanned by syz.0.4680 (16401) [ 401.908604][T16401] BTRFS info (device loop0): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 401.948750][T16401] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 401.972479][T16401] BTRFS info (device loop0): using free space tree [ 402.133797][T16401] BTRFS info (device loop0): enabling ssd optimizations [ 402.170848][T16401] BTRFS info (device loop0): auto enabling async discard [ 402.549592][T16461] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4695'. [ 402.601835][ T5781] BTRFS info (device loop0): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 402.820492][T16441] loop3: detected capacity change from 0 to 32768 [ 402.848458][T16441] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.4692 (16441) [ 402.875158][T16466] netlink: 'syz.1.4698': attribute type 2 has an invalid length. [ 402.882928][T16466] netlink: 'syz.1.4698': attribute type 8 has an invalid length. [ 402.915526][T16466] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4698'. [ 402.924555][T16441] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 402.985307][T16441] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 403.055093][T16441] BTRFS info (device loop3): using free space tree [ 403.332013][T16441] BTRFS info (device loop3): enabling ssd optimizations [ 403.339873][T16441] BTRFS info (device loop3): auto enabling async discard [ 403.605616][ T5783] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 403.765541][ T5848] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 403.809205][T15520] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by udevd (15520) [ 404.017675][ T5848] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 404.035699][ T28] audit: type=1326 audit(2000002821.332:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16511 comm="syz.3.4706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 404.068278][ T5848] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 404.108542][ T28] audit: type=1326 audit(2000002821.332:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16511 comm="syz.3.4706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 404.123222][ T5848] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 404.213184][ T28] audit: type=1326 audit(2000002821.362:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16511 comm="syz.3.4706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 404.215606][ T5848] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 404.309687][ T28] audit: type=1326 audit(2000002821.362:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16511 comm="syz.3.4706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 404.324646][ T5848] usb 5-1: config 1 has no interface number 0 [ 404.399137][T16486] loop1: detected capacity change from 0 to 32768 [ 404.399969][ T5848] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 404.421060][ T28] audit: type=1326 audit(2000002821.362:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16511 comm="syz.3.4706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f481438e929 code=0x7ffc0000 [ 404.453077][ T5848] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.500392][T16486] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 404.571490][ T5848] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 404.585627][T16486] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 404.634315][T16486] BTRFS info (device loop1): using free space tree [ 404.810117][ T5848] snd_usb_pod 5-1:1.1: endpoint not available, using fallback values [ 404.873192][ T5848] snd_usb_pod 5-1:1.1: invalid control EP [ 404.892766][ T5848] snd_usb_pod 5-1:1.1: cannot start listening: -22 [ 404.914516][ T5848] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 404.922760][ T5848] snd_usb_pod: probe of 5-1:1.1 failed with error -22 [ 404.930236][T16486] BTRFS info (device loop1): enabling ssd optimizations [ 404.969886][T16486] BTRFS info (device loop1): auto enabling async discard [ 405.221654][ T9] usb 5-1: USB disconnect, device number 3 [ 405.283032][ T5780] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 405.428114][T15520] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop1 scanned by udevd (15520) [ 405.789259][T16574] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4722'. [ 406.484851][T16597] infiniband s: set down [ 406.733540][T16611] loop4: detected capacity change from 0 to 8 [ 406.813869][T16611] SQUASHFS error: xz decompression failed, data probably corrupt [ 406.836062][T16611] SQUASHFS error: Failed to read block 0x108: -5 [ 406.842448][T16611] SQUASHFS error: Unable to read metadata cache entry [106] [ 406.891807][T16611] SQUASHFS error: Unable to read inode 0x11f [ 406.936225][T16619] loop3: detected capacity change from 0 to 1024 [ 407.164588][ T42] hfsplus: b-tree write err: -5, ino 4 [ 407.415165][ T5820] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 407.589865][T16640] loop3: detected capacity change from 0 to 64 [ 407.643660][ T5820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 407.675027][ T5820] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 407.719234][ T5820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33119, setting to 1024 [ 407.765029][ T5820] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 407.803570][ T5820] usb 5-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72 [ 407.808614][T16644] loop0: detected capacity change from 0 to 256 [ 407.823646][ T5820] usb 5-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0 [ 407.871192][ T5820] usb 5-1: Manufacturer: syz [ 407.888215][ T5820] usb 5-1: config 0 descriptor?? [ 407.894081][T16611] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 407.911749][T16616] loop1: detected capacity change from 0 to 40427 [ 407.947636][ T5820] smsusb:smsusb_probe: board id=9, interface number 0 [ 407.960312][T16644] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d) [ 407.961255][ T5820] smsusb:siano_media_device_register: media controller created [ 407.999540][T16616] F2FS-fs (loop1): heap/no_heap options were deprecated [ 408.027914][T16616] F2FS-fs (loop1): build fault injection attr: rate: 19, type: 0x7ffff [ 408.060643][T16616] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x77e8c [ 408.076775][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.084171][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.091501][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.098803][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.106068][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.117662][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.125572][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.132879][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.140161][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.147445][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.170247][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.177763][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.185045][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.192335][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.199633][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.207295][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.214969][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.222241][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.229508][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.232576][T16616] F2FS-fs (loop1): invalid crc value [ 408.236779][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.239641][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.256843][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.264151][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.271439][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.278713][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.286715][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.294068][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.301413][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.308741][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.316149][T16616] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1d6/0x920 [ 408.316413][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.334854][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.342209][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.349520][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.356832][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.364138][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.373761][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.381373][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.388657][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.395936][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.403178][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.410423][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.417696][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.424955][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.438716][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.446035][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.453327][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.460606][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.467993][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.475297][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.482571][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.489860][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.491643][T16616] F2FS-fs (loop1): Found nat_bits in checkpoint [ 408.500548][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.511075][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.518438][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.525771][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.533134][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.540486][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.547874][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.555222][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.562923][ T5820] smsmdtv:smscore_sendrequest_and_wait: sendrequest returned error -22 [ 408.574088][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.574197][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.574286][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.574376][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.574459][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.574536][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.574623][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.574708][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.574794][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.574886][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.648657][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.656221][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.663539][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.670838][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.678141][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.685441][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.692726][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.700009][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.707296][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.714590][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.723069][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.730371][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.737633][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.744888][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.752147][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.759392][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.766628][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.774727][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.782022][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.789298][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.796568][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.803850][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.811120][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.818393][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.825666][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.832947][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.840221][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.847874][ T5820] smsmdtv:smscore_set_device_mode: mode detect failed -22 [ 408.856265][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.856368][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.856450][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.856531][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.856614][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.856717][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.856801][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.856891][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.856973][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.857055][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.881196][T16616] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x134/0x650 [ 408.886477][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.948766][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.956085][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.963370][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.970659][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.977939][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.985208][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.992501][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 408.999807][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.004250][T16616] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x134/0x650 [ 409.007074][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.007198][ T5820] smsmdtv:smscore_start_device: set device mode failed , rc -22 [ 409.034575][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.041887][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.049179][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.053966][T16616] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 409.056449][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.056510][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.056559][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.086224][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.093643][ T5820] smsusb:smsusb_init_device: smscore_start_device(...) failed [ 409.110955][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.118285][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.125601][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.132921][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.140232][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.150566][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.157892][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.168656][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.175973][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.183255][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.190537][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.197820][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.213721][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.221049][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.229169][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.236486][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.243776][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.251150][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.258476][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.265764][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.273070][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.281507][ C1] smsusb:smsusb_onresponse: error, urb status -2, 0 bytes [ 409.288750][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.296124][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.303421][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.310723][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.318200][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.325486][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.332768][ C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 409.343917][ T5820] ------------[ cut here ]------------ [ 409.353135][ T5820] ODEBUG: free active (active state 0) object: ffff88802da8e328 object type: work_struct hint: do_submit_urb+0x0/0x360 [ 409.365859][ T5772] ================================================================== [ 409.373926][ T5772] BUG: KASAN: slab-use-after-free in __lock_acquire+0xff/0x7c80 [ 409.381582][ T5772] Read of size 8 at addr ffff888030d9e098 by task kworker/1:3/5772 [ 409.389465][ T5772] [ 409.391793][ T5772] CPU: 1 PID: 5772 Comm: kworker/1:3 Not tainted 6.6.95-syzkaller #0 [ 409.399861][ T5772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 409.409918][ T5772] Workqueue: events do_submit_urb [ 409.414966][ T5772] Call Trace: [ 409.418234][ T5772] [ 409.421157][ T5772] dump_stack_lvl+0x16c/0x230 [ 409.425832][ T5772] ? __lock_acquire+0x7c80/0x7c80 [ 409.430845][ T5772] ? show_regs_print_info+0x20/0x20 [ 409.436049][ T5772] ? load_image+0x3b0/0x3b0 [ 409.440559][ T5772] ? __virt_addr_valid+0x469/0x540 [ 409.445681][ T5772] print_report+0xac/0x230 [ 409.450102][ T5772] ? __lock_acquire+0xff/0x7c80 [ 409.454950][ T5772] kasan_report+0x117/0x150 [ 409.459472][ T5772] ? mark_lock+0x94/0x320 [ 409.463804][ T5772] ? __lock_acquire+0xff/0x7c80 [ 409.468841][ T5772] __lock_acquire+0xff/0x7c80 [ 409.473517][ T5772] ? mark_lock+0x94/0x320 [ 409.477840][ T5772] ? __lock_acquire+0x1334/0x7c80 [ 409.482857][ T5772] ? mark_lock+0x94/0x320 [ 409.487171][ T5772] ? look_up_lock_class+0x75/0x140 [ 409.492288][ T5772] ? verify_lock_unused+0x140/0x140 [ 409.497471][ T5772] ? register_lock_class+0xb5/0x890 [ 409.502655][ T5772] ? is_dynamic_key+0x260/0x260 [ 409.507490][ T5772] ? mark_lock+0x94/0x320 [ 409.511808][ T5772] ? __lock_acquire+0x1334/0x7c80 [ 409.516821][ T5772] lock_acquire+0x197/0x410 [ 409.521307][ T5772] ? smscore_getbuffer+0xa9/0x440 [ 409.526321][ T5772] ? read_lock_is_recursive+0x20/0x20 [ 409.531682][ T5772] _raw_spin_lock_irqsave+0xa8/0xf0 [ 409.536867][ T5772] ? smscore_getbuffer+0xa9/0x440 [ 409.541875][ T5772] ? _raw_spin_lock+0x40/0x40 [ 409.546540][ T5772] smscore_getbuffer+0xa9/0x440 [ 409.551386][ T5772] ? smscore_onresponse+0xf10/0xf10 [ 409.556571][ T5772] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 409.562555][ T5772] ? read_lock_is_recursive+0x20/0x20 [ 409.568046][ T5772] do_submit_urb+0x98/0x360 [ 409.572597][ T5772] ? process_scheduled_works+0x957/0x15b0 [ 409.578326][ T5772] ? process_scheduled_works+0x957/0x15b0 [ 409.584041][ T5772] process_scheduled_works+0xa45/0x15b0 [ 409.589592][ T5772] ? assign_work+0x400/0x400 [ 409.594177][ T5772] ? assign_work+0x39e/0x400 [ 409.598759][ T5772] worker_thread+0xa55/0xfc0 [ 409.603341][ T5772] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 409.609220][ T5772] ? _raw_spin_unlock+0x40/0x40 [ 409.614056][ T5772] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 409.619940][ T5772] kthread+0x2fa/0x390 [ 409.623998][ T5772] ? pr_cont_work+0x560/0x560 [ 409.628663][ T5772] ? kthread_blkcg+0xd0/0xd0 [ 409.633235][ T5772] ret_from_fork+0x48/0x80 [ 409.637640][ T5772] ? kthread_blkcg+0xd0/0xd0 [ 409.642211][ T5772] ret_from_fork_asm+0x11/0x20 [ 409.646993][ T5772] [ 409.650005][ T5772] [ 409.652311][ T5772] Allocated by task 5820: [ 409.656631][ T5772] kasan_set_track+0x4e/0x70 [ 409.661214][ T5772] __kasan_kmalloc+0x8f/0xa0 [ 409.665795][ T5772] smscore_register_device+0x63/0x10f0 [ 409.671238][ T5772] smsusb_probe+0x1362/0x1da0 [ 409.675913][ T5772] usb_probe_interface+0x5a4/0xb00 [ 409.681008][ T5772] really_probe+0x25b/0xb40 [ 409.685502][ T5772] __driver_probe_device+0x18c/0x330 [ 409.690772][ T5772] driver_probe_device+0x4f/0x420 [ 409.695795][ T5772] __device_attach_driver+0x2ca/0x520 [ 409.701165][ T5772] bus_for_each_drv+0x24b/0x2d0 [ 409.706000][ T5772] __device_attach+0x2b5/0x400 [ 409.710776][ T5772] bus_probe_device+0x180/0x260 [ 409.715609][ T5772] device_add+0x85b/0xc20 [ 409.719920][ T5772] usb_set_configuration+0x1a79/0x20c0 [ 409.725378][ T5772] usb_generic_driver_probe+0x8d/0x150 [ 409.730823][ T5772] usb_probe_device+0x13d/0x280 [ 409.735654][ T5772] really_probe+0x25b/0xb40 [ 409.740145][ T5772] __driver_probe_device+0x18c/0x330 [ 409.745413][ T5772] driver_probe_device+0x4f/0x420 [ 409.750426][ T5772] __device_attach_driver+0x2ca/0x520 [ 409.755871][ T5772] bus_for_each_drv+0x24b/0x2d0 [ 409.760714][ T5772] __device_attach+0x2b5/0x400 [ 409.765467][ T5772] bus_probe_device+0x180/0x260 [ 409.770305][ T5772] device_add+0x85b/0xc20 [ 409.774615][ T5772] usb_new_device+0xa31/0x1630 [ 409.779360][ T5772] hub_event+0x2957/0x49c0 [ 409.783766][ T5772] process_scheduled_works+0xa45/0x15b0 [ 409.789385][ T5772] worker_thread+0xa55/0xfc0 [ 409.793961][ T5772] kthread+0x2fa/0x390 [ 409.798025][ T5772] ret_from_fork+0x48/0x80 [ 409.802512][ T5772] ret_from_fork_asm+0x11/0x20 [ 409.807259][ T5772] [ 409.809563][ T5772] Freed by task 5820: [ 409.813522][ T5772] kasan_set_track+0x4e/0x70 [ 409.818101][ T5772] kasan_save_free_info+0x2e/0x50 [ 409.823112][ T5772] ____kasan_slab_free+0x126/0x1e0 [ 409.828207][ T5772] slab_free_freelist_hook+0x130/0x1b0 [ 409.833649][ T5772] __kmem_cache_free+0xba/0x1f0 [ 409.838479][ T5772] smscore_unregister_device+0x603/0x6e0 [ 409.844108][ T5772] smsusb_term_device+0x18f/0x220 [ 409.849124][ T5772] smsusb_probe+0x1708/0x1da0 [ 409.853787][ T5772] usb_probe_interface+0x5a4/0xb00 [ 409.858881][ T5772] really_probe+0x25b/0xb40 [ 409.863372][ T5772] __driver_probe_device+0x18c/0x330 [ 409.868816][ T5772] driver_probe_device+0x4f/0x420 [ 409.873823][ T5772] __device_attach_driver+0x2ca/0x520 [ 409.879179][ T5772] bus_for_each_drv+0x24b/0x2d0 [ 409.884012][ T5772] __device_attach+0x2b5/0x400 [ 409.888759][ T5772] bus_probe_device+0x180/0x260 [ 409.893593][ T5772] device_add+0x85b/0xc20 [ 409.897903][ T5772] usb_set_configuration+0x1a79/0x20c0 [ 409.903351][ T5772] usb_generic_driver_probe+0x8d/0x150 [ 409.908794][ T5772] usb_probe_device+0x13d/0x280 [ 409.913625][ T5772] really_probe+0x25b/0xb40 [ 409.918116][ T5772] __driver_probe_device+0x18c/0x330 [ 409.923390][ T5772] driver_probe_device+0x4f/0x420 [ 409.928398][ T5772] __device_attach_driver+0x2ca/0x520 [ 409.933752][ T5772] bus_for_each_drv+0x24b/0x2d0 [ 409.938594][ T5772] __device_attach+0x2b5/0x400 [ 409.943340][ T5772] bus_probe_device+0x180/0x260 [ 409.948173][ T5772] device_add+0x85b/0xc20 [ 409.952482][ T5772] usb_new_device+0xa31/0x1630 [ 409.957235][ T5772] hub_event+0x2957/0x49c0 [ 409.961636][ T5772] process_scheduled_works+0xa45/0x15b0 [ 409.967167][ T5772] worker_thread+0xa55/0xfc0 [ 409.971741][ T5772] kthread+0x2fa/0x390 [ 409.975791][ T5772] ret_from_fork+0x48/0x80 [ 409.980196][ T5772] ret_from_fork_asm+0x11/0x20 [ 409.985032][ T5772] [ 409.987338][ T5772] Last potentially related work creation: [ 409.993029][ T5772] kasan_save_stack+0x3e/0x60 [ 409.997692][ T5772] __kasan_record_aux_stack+0xaf/0xc0 [ 410.003079][ T5772] call_rcu+0x14f/0x920 [ 410.007224][ T5772] netlink_release+0x16d8/0x1ad0 [ 410.012149][ T5772] sock_close+0xbd/0x230 [ 410.016375][ T5772] __fput+0x234/0x970 [ 410.020341][ T5772] task_work_run+0x1ce/0x250 [ 410.024921][ T5772] exit_to_user_mode_loop+0xe6/0x110 [ 410.030201][ T5772] exit_to_user_mode_prepare+0xb1/0x140 [ 410.035733][ T5772] syscall_exit_to_user_mode+0x1a/0x50 [ 410.041614][ T5772] do_syscall_64+0x61/0xb0 [ 410.046014][ T5772] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 410.051980][ T5772] [ 410.054292][ T5772] Second to last potentially related work creation: [ 410.060854][ T5772] kasan_save_stack+0x3e/0x60 [ 410.065524][ T5772] __kasan_record_aux_stack+0xaf/0xc0 [ 410.070905][ T5772] call_rcu+0x14f/0x920 [ 410.075058][ T5772] rxrpc_destroy_call+0x1b6/0x470 [ 410.080092][ T5772] rxrpc_io_thread+0x69d/0x2570 [ 410.084930][ T5772] kthread+0x2fa/0x390 [ 410.088986][ T5772] ret_from_fork+0x48/0x80 [ 410.093395][ T5772] ret_from_fork_asm+0x11/0x20 [ 410.098145][ T5772] [ 410.100449][ T5772] The buggy address belongs to the object at ffff888030d9e000 [ 410.100449][ T5772] which belongs to the cache kmalloc-2k of size 2048 [ 410.114484][ T5772] The buggy address is located 152 bytes inside of [ 410.114484][ T5772] freed 2048-byte region [ffff888030d9e000, ffff888030d9e800) [ 410.128355][ T5772] [ 410.130662][ T5772] The buggy address belongs to the physical page: [ 410.137065][ T5772] page:ffffea0000c36600 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888030d99000 pfn:0x30d98 [ 410.148501][ T5772] head:ffffea0000c36600 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 410.157425][ T5772] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 410.166178][ T5772] page_type: 0xffffffff() [ 410.170491][ T5772] raw: 00fff00000000840 ffff888017842000 0000000000000000 dead000000000001 [ 410.179230][ T5772] raw: ffff888030d99000 0000000080080005 00000001ffffffff 0000000000000000 [ 410.187789][ T5772] page dumped because: kasan: bad access detected [ 410.194191][ T5772] page_owner tracks the page as allocated [ 410.199912][ T5772] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5783, tgid 5783 (syz-executor), ts 70424220140, free_ts 70395929210 [ 410.221258][ T5772] post_alloc_hook+0x1cd/0x210 [ 410.226013][ T5772] get_page_from_freelist+0x195c/0x19f0 [ 410.231542][ T5772] __alloc_pages+0x1e3/0x460 [ 410.236118][ T5772] alloc_slab_page+0x5d/0x170 [ 410.240781][ T5772] new_slab+0x87/0x2e0 [ 410.244830][ T5772] ___slab_alloc+0xc6d/0x12f0 [ 410.249486][ T5772] __kmem_cache_alloc_node+0x1a2/0x260 [ 410.255217][ T5772] __kmalloc_node+0xa4/0x230 [ 410.259787][ T5772] qdisc_alloc+0x94/0xa50 [ 410.264098][ T5772] qdisc_create_dflt+0x63/0x430 [ 410.268936][ T5772] dev_activate+0x397/0x11a0 [ 410.273519][ T5772] __dev_open+0x338/0x430 [ 410.277841][ T5772] __dev_change_flags+0x20e/0x6a0 [ 410.282855][ T5772] dev_change_flags+0x88/0x1a0 [ 410.287601][ T5772] do_setlink+0xc74/0x3fb0 [ 410.291997][ T5772] rtnl_newlink+0x175b/0x2020 [ 410.296660][ T5772] page last free stack trace: [ 410.301343][ T5772] free_unref_page_prepare+0x7ce/0x8e0 [ 410.306785][ T5772] free_unref_page+0x32/0x2e0 [ 410.311443][ T5772] __unfreeze_partials+0x1cf/0x210 [ 410.316549][ T5772] put_cpu_partial+0x17c/0x250 [ 410.321293][ T5772] __slab_free+0x31d/0x410 [ 410.325691][ T5772] qlist_free_all+0x75/0xe0 [ 410.330174][ T5772] kasan_quarantine_reduce+0x143/0x160 [ 410.335633][ T5772] __kasan_slab_alloc+0x22/0x80 [ 410.340468][ T5772] slab_post_alloc_hook+0x6e/0x4d0 [ 410.345596][ T5772] kmem_cache_alloc_lru+0x115/0x2e0 [ 410.350777][ T5772] sock_alloc_inode+0x28/0xc0 [ 410.355438][ T5772] new_inode_pseudo+0x63/0x1d0 [ 410.360184][ T5772] __sock_create+0x12d/0x940 [ 410.364760][ T5772] __sys_socket+0xd7/0x1a0 [ 410.369164][ T5772] __x64_sys_socket+0x7a/0x90 [ 410.373913][ T5772] do_syscall_64+0x55/0xb0 [ 410.378331][ T5772] [ 410.380640][ T5772] Memory state around the buggy address: [ 410.386248][ T5772] ffff888030d9df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 410.394377][ T5772] ffff888030d9e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 410.402427][ T5772] >ffff888030d9e080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 410.410481][ T5772] ^ [ 410.415314][ T5772] ffff888030d9e100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 410.423366][ T5772] ffff888030d9e180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 410.431432][ T5772] ================================================================== [ 410.440016][ T5772] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 410.447213][ T5772] CPU: 1 PID: 5772 Comm: kworker/1:3 Not tainted 6.6.95-syzkaller #0 [ 410.455527][ T5772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 410.465745][ T5772] Workqueue: events do_submit_urb [ 410.470776][ T5772] Call Trace: [ 410.474040][ T5772] [ 410.476967][ T5772] dump_stack_lvl+0x16c/0x230 [ 410.481641][ T5772] ? show_regs_print_info+0x20/0x20 [ 410.486835][ T5772] ? load_image+0x3b0/0x3b0 [ 410.491325][ T5772] panic+0x2c0/0x710 [ 410.495205][ T5772] ? bpf_jit_dump+0xd0/0xd0 [ 410.499697][ T5772] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 410.505580][ T5772] ? _raw_spin_unlock+0x40/0x40 [ 410.510412][ T5772] ? print_memory_metadata+0x314/0x400 [ 410.515859][ T5772] ? __lock_acquire+0xff/0x7c80 [ 410.520701][ T5772] check_panic_on_warn+0x84/0xa0 [ 410.525648][ T5772] ? __lock_acquire+0xff/0x7c80 [ 410.530506][ T5772] end_report+0x6f/0x140 [ 410.534759][ T5772] kasan_report+0x128/0x150 [ 410.539259][ T5772] ? mark_lock+0x94/0x320 [ 410.543585][ T5772] ? __lock_acquire+0xff/0x7c80 [ 410.548434][ T5772] __lock_acquire+0xff/0x7c80 [ 410.553113][ T5772] ? mark_lock+0x94/0x320 [ 410.557439][ T5772] ? __lock_acquire+0x1334/0x7c80 [ 410.562458][ T5772] ? mark_lock+0x94/0x320 [ 410.566775][ T5772] ? look_up_lock_class+0x75/0x140 [ 410.571874][ T5772] ? verify_lock_unused+0x140/0x140 [ 410.577064][ T5772] ? register_lock_class+0xb5/0x890 [ 410.582251][ T5772] ? is_dynamic_key+0x260/0x260 [ 410.587088][ T5772] ? mark_lock+0x94/0x320 [ 410.591496][ T5772] ? __lock_acquire+0x1334/0x7c80 [ 410.596537][ T5772] lock_acquire+0x197/0x410 [ 410.601048][ T5772] ? smscore_getbuffer+0xa9/0x440 [ 410.606074][ T5772] ? read_lock_is_recursive+0x20/0x20 [ 410.611442][ T5772] _raw_spin_lock_irqsave+0xa8/0xf0 [ 410.616635][ T5772] ? smscore_getbuffer+0xa9/0x440 [ 410.621651][ T5772] ? _raw_spin_lock+0x40/0x40 [ 410.626320][ T5772] smscore_getbuffer+0xa9/0x440 [ 410.631165][ T5772] ? smscore_onresponse+0xf10/0xf10 [ 410.636348][ T5772] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 410.642337][ T5772] ? read_lock_is_recursive+0x20/0x20 [ 410.647696][ T5772] do_submit_urb+0x98/0x360 [ 410.652191][ T5772] ? process_scheduled_works+0x957/0x15b0 [ 410.657919][ T5772] ? process_scheduled_works+0x957/0x15b0 [ 410.663650][ T5772] process_scheduled_works+0xa45/0x15b0 [ 410.669214][ T5772] ? assign_work+0x400/0x400 [ 410.673805][ T5772] ? assign_work+0x39e/0x400 [ 410.678408][ T5772] worker_thread+0xa55/0xfc0 [ 410.683158][ T5772] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 410.689052][ T5772] ? _raw_spin_unlock+0x40/0x40 [ 410.693902][ T5772] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 410.699877][ T5772] kthread+0x2fa/0x390 [ 410.703941][ T5772] ? pr_cont_work+0x560/0x560 [ 410.708618][ T5772] ? kthread_blkcg+0xd0/0xd0 [ 410.713212][ T5772] ret_from_fork+0x48/0x80 [ 410.717625][ T5772] ? kthread_blkcg+0xd0/0xd0 [ 410.722208][ T5772] ret_from_fork_asm+0x11/0x20 [ 410.726966][ T5772] [ 410.730218][ T5772] Kernel Offset: disabled [ 410.734531][ T5772] Rebooting in 86400 seconds..